From owner-cvs-all Sat Oct 19 13:26:19 2002 Delivered-To: cvs-all@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id D69C337B401; Sat, 19 Oct 2002 13:26:17 -0700 (PDT) Received: from repoman.freebsd.org (repoman.freebsd.org [216.136.204.115]) by mx1.FreeBSD.org (Postfix) with ESMTP id 99DA443E6A; Sat, 19 Oct 2002 13:26:17 -0700 (PDT) (envelope-from rwatson@FreeBSD.org) Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.12.6/8.12.6) with ESMTP id g9JKPvmV080007; Sat, 19 Oct 2002 13:25:57 -0700 (PDT) (envelope-from rwatson@repoman.freebsd.org) Received: (from rwatson@localhost) by repoman.freebsd.org (8.12.6/8.12.6/Submit) id g9JKPveT080006; Sat, 19 Oct 2002 13:25:57 -0700 (PDT) Message-Id: <200210192025.g9JKPveT080006@repoman.freebsd.org> From: Robert Watson Date: Sat, 19 Oct 2002 13:25:57 -0700 (PDT) To: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: cvs commit: src/sys/kern vfs_syscalls.c X-FreeBSD-CVS-Branch: HEAD Sender: owner-cvs-all@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG rwatson 2002/10/19 13:25:57 PDT Modified files: sys/kern vfs_syscalls.c Log: Hook up most of the MAC entry points relating to file/directory/node creation, deletion, and rename. There are one or two other stray cases I'll catch in follow-up commits (such as unix domain socket creation); this permits MAC policy modules to limit the ability to perform these operations based on existing UNIX credential / vnode attributes, extended attributes, and security labels. In the rename case using MAC, we now have to lock the from directory and file vnodes for the MAC check, but this is done only in the MAC case, and the locks are immediately released so that the remainder of the rename implementation remains the same. Because the create check takes a vattr to know object type information, we now initialize additional fields in the VATTR passed to VOP_SYMLINK() in the MAC case. Approved by: re Obtained from: TrustedBSD Project Sponsored by: DARPA, Network Associates Laboratories Revision Changes Path 1.295 +68 -2 src/sys/kern/vfs_syscalls.c To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message