From owner-freebsd-current@FreeBSD.ORG  Sat May  8 00:01:41 2004
Return-Path: <owner-freebsd-current@FreeBSD.ORG>
Delivered-To: freebsd-current@www.freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 78E9116A4CE
	for <freebsd-current@www.freebsd.org>;
	Sat,  8 May 2004 00:01:41 -0700 (PDT)
Received: from smtp01.syd.iprimus.net.au (smtp01.syd.iprimus.net.au
	[210.50.30.52])	by mx1.FreeBSD.org (Postfix) with ESMTP id BA96F43D3F
	for <freebsd-current@www.freebsd.org>;
	Sat,  8 May 2004 00:01:40 -0700 (PDT)
	(envelope-from tim@robbins.dropbear.id.au)
Received: from robbins.dropbear.id.au (203.134.132.247) by
	smtp01.syd.iprimus.net.au (7.0.024)
	id 409956B40010A08F; Sat, 8 May 2004 17:01:05 +1000
Received: by robbins.dropbear.id.au (Postfix, from userid 1000)
	id 3D09941E6; Sat,  8 May 2004 17:00:40 +1000 (EST)
Date: Sat, 8 May 2004 17:00:40 +1000
From: Tim Robbins <tjr@freebsd.org>
To: Bruce M Simpson <bms@spc.org>
Message-ID: <20040508070040.GA20138@cat.robbins.dropbear.id.au>
References: <20040507092235.GA61837@stack.nl>
	<20040507100119.GA15782@cat.robbins.dropbear.id.au>
	<20040507235556.GB37035@empiric.dek.spc.org>
	<20040508010228.GA18935@cat.robbins.dropbear.id.au>
	<20040508012357.GA37547@empiric.dek.spc.org>
	<20040508030258.GA19512@cat.robbins.dropbear.id.au>
	<20040508044207.GB38736@empiric.dek.spc.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20040508044207.GB38736@empiric.dek.spc.org>
User-Agent: Mutt/1.4.1i
cc: Marc Olzheim <marcolz@stack.nl>
cc: Poul-Henning Kamp <phk@phk.freebsd.dk>
cc: freebsd-current@www.freebsd.org
Subject: Re: Unified getcwd() implementation
X-BeenThere: freebsd-current@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Discussions about the use of FreeBSD-current
	<freebsd-current.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>,
	<mailto:freebsd-current-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-current>
List-Post: <mailto:freebsd-current@freebsd.org>
List-Help: <mailto:freebsd-current-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>,
	<mailto:freebsd-current-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 08 May 2004 07:01:41 -0000

On Sat, May 08, 2004 at 05:42:07AM +0100, Bruce M Simpson wrote:

> On Sat, May 08, 2004 at 01:02:58PM +1000, Tim Robbins wrote:
> > I don't see how it differs from what we already do in userland.
> 
> Quite a bit different, actually. I refer the honorable gentleman to
> Marc Olzheim's message with the Message-ID: <20040507105355.GA93808@stack.nl>.

The message that you refer to says:
"Because getcwd() is a function that might or might not return EACCESS in
the current implementation, depending on whether the current path is in
the cache or not. If in /a/b/c/ directory b is unreadable for a user,
/a/b/c is returned by getcwd() as long as it is in the cache (kernel),
if not, the libc getcwd tries to resolve it, but fails."

This is obviously a bug in the current implementation -- it should use
VOP_ACCESS to check that the calling process has access to the vnodes
of the current directory and its parents. How does the patch in question
address this issue? Both the current implementation and the proposed
new implementation try to find the pathname use the namecache without
authorization checks, then if that fails, go on to read the directories,
but this time with authorization checks. What is the difference?


Tim