Date:      Fri, 9 Feb 2007 14:59:48 GMT
From:      Robert Watson <rwatson@FreeBSD.org>
To:        Perforce Change Reviews <perforce@freebsd.org>
Subject:   PERFORCE change 114294 for review
Message-ID:  <200702091459.l19ExmTp033147@repoman.freebsd.org>

http://perforce.freebsd.org/chv.cgi?CH=114294

Change 114294 by rwatson@rwatson_cinnamon on 2007/02/09 14:59:00

	Narrow scope of quota privileges allowed in jail by default: don't
	let superuser manipulate the usage counts or configuration of quotas.

Affected files ...

.. //depot/projects/trustedbsd/priv/sys/kern/kern_jail.c#14 edit
.. //depot/projects/trustedbsd/priv/sys/ufs/ufs/ufs_quota.c#6 edit

Differences ...

==== //depot/projects/trustedbsd/priv/sys/kern/kern_jail.c#14 (text+ko) ====

@@ -616,14 +616,11 @@
 
 		/*
 		 * Allow root in jail to manage a variety of quota
-		 * properties.  Some are a bit surprising and should be
-		 * reconsidered.
+		 * properties.  These should likely be conditional on a
+		 * configuration option.
 		 */
 	case PRIV_UFS_GETQUOTA:
-	case PRIV_UFS_QUOTAOFF:		/* XXXRW: Slightly surprising. */
-	case PRIV_UFS_QUOTAON:		/* XXXRW: Slightly surprising. */
 	case PRIV_UFS_SETQUOTA:
-	case PRIV_UFS_SETUSE:		/* XXXRW: Slightly surprising. */
 
 		/*
 		 * Since Jail relies on chroot() to implement file system
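Review bot: PRIV_UFS_SETQUOTA stays in the jail-allowed case list, yet the change description says jailed root should no longer manipulate the configuration of quotas. If leaving limit-setting available in a jail is intentional, say so in the comment above the cases (only PRIV_UFS_GETQUOTA and PRIV_UFS_SETQUOTA remain, while quotaon, quotaoff and setuse are denied). The new wording "These should likely be conditional on a configuration option" also drops the XXXRW marker the removed lines used, so the open item becomes harder to grep for.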

==== //depot/projects/trustedbsd/priv/sys/ufs/ufs/ufs_quota.c#6 (text+ko) ====

@@ -426,11 +426,7 @@
 	int error, flags;
 	struct nameidata nd;
 
-	/*
-	 * XXXRW: Can this be right?  Jail is allowed to do this?
-	 */
-	error = priv_check_cred(td->td_ucred, PRIV_UFS_QUOTAON,
-	    SUSER_ALLOWJAIL);
+	error = priv_check_cred(td->td_ucred, PRIV_UFS_QUOTAON, 0);
 	if (error)
 		return (error);
 
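Review bot: the jail policy for PRIV_UFS_QUOTAON is now expressed in two places, the 0 flags argument on this priv_check_cred call and the removed case in kern_jail.c, with nothing at this call site tying them together. The deleted XXXRW comment was the only hint here that jail was a consideration; replace it with a one-line comment stating that quotaon is deliberately not permitted in a jail, so a later reader does not reintroduce SUSER_ALLOWJAIL.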
@@ -524,11 +520,7 @@
 	struct inode *ip;
 	int error;
 
-	/*
-	 * XXXRW: This also seems wrong to allow in a jail?
-	 */
-	error = priv_check_cred(td->td_ucred, PRIV_UFS_QUOTAOFF,
-	    SUSER_ALLOWJAIL);
+	error = priv_check_cred(td->td_ucred, PRIV_UFS_QUOTAOFF, 0);
 	if (error)
 		return (error);
 
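Review bot: dropping SUSER_ALLOWJAIL on the PRIV_UFS_QUOTAOFF check changes what a jailed root sees, since a call that previously passed this check now returns the error from priv_check_cred. None of the affected files is documentation, so this user-visible change goes unrecorded; note it in the jail documentation or release notes, and consider a regression test that exercises quotaon and quotaoff from inside a jail.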
@@ -713,8 +705,7 @@
 	struct dqblk usage;
 	int error;
 
-	error = priv_check_cred(td->td_ucred, PRIV_UFS_SETUSE,
-	    SUSER_ALLOWJAIL);
+	error = priv_check_cred(td->td_ucred, PRIV_UFS_SETUSE, 0);
 	if (error)
 		return (error);
 
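Review bot: the PRIV_UFS_SETUSE check never carried a comment, and after this change nothing at the call site records why its flags are 0 while the kern_jail.c hunk keeps PRIV_UFS_SETQUOTA available in a jail. A short comment above the priv_check_cred call, repeating the change description's reason that jailed root must not manipulate usage counts, would make the asymmetry between setuse and setquota explicit.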


