Date: Sun, 23 Jul 2006 14:24:25 +0100 (BST) From: Robert Watson <rwatson@FreeBSD.org> To: =?GB2312?B?wO7J0L3c?= <shangjie.li@gmail.com> Cc: freebsd-bugs@freebsd.org Subject: Re: An error about IPC permission checking Message-ID: <20060723142340.L60996@fledge.watson.org> In-Reply-To: <de71d27b0607230239g1e37de1fye969b1b8616550c1@mail.gmail.com> References: <de71d27b0607230239g1e37de1fye969b1b8616550c1@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, 23 Jul 2006, ÀîÉÐ½Ü wrote:
> in the source code kern/sysv_shm.c:
>
> 729 error = ipcperm(td, &shmseg->u.shm_perm, mode);
> 730 #ifdef MAC
> 731 error = mac_check_sysv_shmget(td->td_ucred, shmseg, uap->shmflg);
> 732 if (error != 0)
> 733 MPRINTF(("mac_check_sysv_shmget returned %d\n", error));
> 734 #endif
> 735 if (error)
> 736 return (error);
>
> The return value of ipcperm() call is not be checked in time, and
> interrupted by mac checking, if Mac is enabled.
Indeed, it looks like revision 1.104 was never merged from HEAD to RELENG_6,
which corrects this bug, and also re-orders the two checks so that the MAC
check occurs before the DAC check. I'll go ahead and merge that change.
Thanks,
Robert N M Watson
Computer Laboratory
University of Cambridge
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20060723142340.L60996>