Date: Sat, 16 Dec 2006 15:51:36 +0300
From: Andrey Chernov <ache@FreeBSD.org>
To: Robert Watson <rwatson@FreeBSD.org>
Cc: current@FreeBSD.org
Subject: Re: sysv_ipc.c broken in v1.30 (was Re: sysvshm appearse broken in -current)
Message-ID: <20061216125136.GA1094@nagual.pp.ru>
In-Reply-To: <20061216120746.E72986@fledge.watson.org>
References: <20061216055903.GA2712@nagual.pp.ru> <20061216111656.GA7501@nagual.pp.ru> <20061216112117.P72986@fledge.watson.org> <20061216114426.GA7735@nagual.pp.ru> <20061216120746.E72986@fledge.watson.org>
On Sat, Dec 16, 2006 at 12:11:05PM +0000, Robert Watson wrote:
> >		 * Always permit the creator/owner to update the object
> >		 * protections regardless of whether the object mode
> >		 * permits it.
> >		 */
> >		if (mode & IPC_M)
> >			return (0);
> >
> >I.e. old code does not even check for IPC_W or IPC_R in case of IPC_M presence.
>
> Is this conclusion a supposition or the result of testing?  Could you test
> and see if this is true?

It comes just from code reading. First check for owner and next check for
IPC_M bit _only_ (no other bits!) then return (0) i.e. success.

> >Moreover, old code allows _anything_ for suser:
> The new code should also allow anything, as long as the bits passed into
> ipcperm() as requested modes are valid.  There's certainly a bug here

I mean anything for suser ignoring completely any modes passed. I.e. no
EACCES should happen for suser in _any_ mode combination.

--
http://ache.pp.ru/
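
The two rules stated in the message above (the owner requesting IPC_M always succeeds; suser never gets EACCES) can be checked exhaustively over every mode combination. The following is an added example, not part of the original message and not FreeBSD source: `cred_m`, `old_model`, `strict_variant` and `count_violations` are hypothetical names, the model covers only those two rules with a simplified single-class mode check, and `strict_variant` is a constructed counter-example, not the v1.30 code.

```c
#include <errno.h>
#include <stdbool.h>

/* Mode bits with the values used in FreeBSD's <sys/ipc.h>. */
#define IPC_R 000400
#define IPC_W 000200
#define IPC_M 010000

/* Hypothetical stand-in for the kernel credential (assumption). */
struct cred_m { bool owner; bool suser; };
typedef int (*perm_fn)(struct cred_m, int objmode, int req);

/* Model of the behaviour the message describes for the old code. */
int old_model(struct cred_m c, int objmode, int req)
{
    if (c.owner && (req & IPC_M))
        return 0;                   /* IPC_M alone decides for the owner */
    if ((req & objmode) != req && !c.suser)
        return EACCES;              /* suser is never refused */
    return 0;
}

/* Constructed counter-example: checks R/W bits for everyone, no bypass. */
int strict_variant(struct cred_m c, int objmode, int req)
{
    (void)c;
    return ((req & ~IPC_M & objmode) == (req & ~IPC_M)) ? 0 : EACCES;
}

/* Count (credential, object mode, request) cases that break either rule. */
int count_violations(perm_fn f)
{
    static const int bits[] = { IPC_R, IPC_W, IPC_M };
    int bad = 0;
    for (int o = 0; o < 4; o++)             /* object R/W combinations */
        for (int r = 1; r < 8; r++) {       /* non-empty request combinations */
            int req = 0, om = 0;
            for (int b = 0; b < 3; b++)
                if (r & (1 << b)) req |= bits[b];
            for (int b = 0; b < 2; b++)
                if (o & (1 << b)) om |= bits[b];
            struct cred_m owner = { true, false }, root = { false, true };
            if ((req & IPC_M) && f(owner, om, req) != 0) bad++;  /* rule 1 */
            if (f(root, om, req) == EACCES) bad++;               /* rule 2 */
        }
    return bad;
}
```
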