Date: 19 Feb 2002 10:13:17 +0100 From: Dag-Erling Smorgrav <des@ofug.org> To: Robert Watson <rwatson@FreeBSD.org> Cc: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: Re: cvs commit: src/sys/miscfs/procfs procfs_subr.c Message-ID: <xzpheod7s2a.fsf@flood.ping.uio.no> In-Reply-To: <Pine.NEB.3.96L.1020218191459.69361L-100000@fledge.watson.org> References: <Pine.NEB.3.96L.1020218191459.69361L-100000@fledge.watson.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Robert Watson <rwatson@FreeBSD.org> writes: > On 18 Feb 2002, Dag-Erling Smorgrav wrote: > > The upper layers of the VFS system enforce the file mode. > Hmm. I'm not sure that's true in most cases. Under normal circumstances, > upper layers of VFS rely on the per-filesystem code to do enforcement as > part of common operations, or they rely on the per-filesystem VOP_ACCESS() > code. Ah, well, here's to making rash assumptions. However, 1) pseudofs has a fully functional VOP_ACCESS() (based on vaccess(9)), and 2) empirical tests show that this change works as intended. There are a few exceptions, but not very many. This generally > reflects the fact that the broader abstractions of the kernel don't > understand per-fs access control mechanisms, such as those in msdosfs, > NFS, AFS, etc, which differ substantially from local models. Does this > change have specific non-cosmetic effects that you have in mind? For > example, should we be doing a security advisory? Possibly. The buggy code has been in -CURRENT since early December. DES -- Dag-Erling Smorgrav - des@ofug.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?xzpheod7s2a.fsf>