From owner-freebsd-arch@FreeBSD.ORG Mon Apr 23 23:22:35 2007 Return-Path: X-Original-To: arch@freebsd.org Delivered-To: freebsd-arch@FreeBSD.ORG Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 69B1216A40B for ; Mon, 23 Apr 2007 23:22:35 +0000 (UTC) (envelope-from howard0su@gmail.com) Received: from py-out-1112.google.com (py-out-1112.google.com [64.233.166.178]) by mx1.freebsd.org (Postfix) with ESMTP id 16F1E13C46C for ; Mon, 23 Apr 2007 23:22:34 +0000 (UTC) (envelope-from howard0su@gmail.com) Received: by py-out-1112.google.com with SMTP id f31so1397884pyh for ; Mon, 23 Apr 2007 16:22:34 -0700 (PDT) DKIM-Signature: a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=NUKK1MDJl58pv/07cd7XMz5v+LUXcs1xZ29Df/VXvyTdZDDaQJy1np6hpFjdqkHi1pbnLy2MIC43slAjhKwZV87+v6kwYRIAupDtv1hLGq57TnUW0Un9oIHrWThbJ9NUnlbbQfYH2CMRY4IVrFuhL8ouniTb1387PXMJcamC/vc= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=OARrSMNSZ51GI86Z6YKTKP1MMG10KfCbCH61ct4G0oBxNPMsRFBDydonCIuydF3UceK3xJiZcrr4WD9GWenfn0inhQ2G0VDFAzWf4ovv3lmE05CE92IYu1iN0FEOILFe9Xn/Wk9ATOtoRBAQK8gKI2wPgOz0szMmCP0drqKneoE= Received: by 10.64.184.16 with SMTP id h16mr12962850qbf.1177370552986; Mon, 23 Apr 2007 16:22:32 -0700 (PDT) Received: by 10.35.54.15 with HTTP; Mon, 23 Apr 2007 16:22:32 -0700 (PDT) Message-ID: Date: Mon, 23 Apr 2007 16:22:32 -0700 From: "Howard Su" To: "Robert Watson" In-Reply-To: <20070423132006.T26224@fledge.watson.org> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <20070423132006.T26224@fledge.watson.org> Cc: arch@freebsd.org, Pawel Jakub Dawidek Subject: Re: move audit/priviliage check into VFS X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 23 Apr 2007 23:22:35 -0000 On 4/23/07, Robert Watson wrote: > > > Pawel and I have talked about this a bit in the past -- vaccess(9) and > vaccess_acl_posix1e(9) were really the first step in abstracting file system > access control decisions, and aren't a bad step -- they certainly cover a lot > of the previously plentifully replicated cases (countless foo_access() VOP > implementations). However, I think we should be restrained and do a bit of > experimentation -- sometimes as much work could be done bundling up the common > arguments to deliver them to a central access check as is done in having the > access check appear in the calling code itself. Can we refine VOP_ACCESS() a > bit further to get what we need, or do we need new common functions? > In FS dependent code, we don't only call VOP_ACCESS, but also check some flags like ISUID, ISGID, NOUNLINK, APPEND, etc. This sort of stuffs are so easy to regerssion when I work on tmpfs and it should be almost same code in all the FS. However VFS don't have this sort of information in vnode structure. Is this can be added? -- -Howard