From owner-freebsd-current Thu Mar 2 12:30:35 2000 Delivered-To: freebsd-current@freebsd.org Received: from mailman.zeta.org.au (mailman.zeta.org.au [203.26.10.16]) by hub.freebsd.org (Postfix) with ESMTP id 2408337C02D; Thu, 2 Mar 2000 12:30:27 -0800 (PST) (envelope-from bde@zeta.org.au) Received: from bde.zeta.org.au (bde.zeta.org.au [203.2.228.102]) by mailman.zeta.org.au (8.8.7/8.8.7) with ESMTP id HAA16379; Fri, 3 Mar 2000 07:35:31 +1100 Date: Fri, 3 Mar 2000 07:30:11 +1100 (EST) From: Bruce Evans X-Sender: bde@alphplex.bde.org To: Brian Dean Cc: Kris Kennaway , current@FreeBSD.ORG Subject: Re: HEADS UP! IPC security (Re: cvs commit: src/sys/kern sysv_ipc.c (fwd)) In-Reply-To: <200003021458.JAA00436@dean.pc.sas.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Thu, 2 Mar 2000, Brian Dean wrote: > I believe the following patch does what you are asking. Essentially, > it only calls suser() if it was about to return a permission error, > thus the ASU flag should only be set when superuser privileges are > actually used. > > Let me know if this looks OK, and if Jordan approves, I'll commit it. It has too many style bugs for me. It corrupts all tabs to spaces and has some other style bugs. > Index: sysv_ipc.c > =================================================================== > RCS file: /usr00/mirror/ncvs/src/sys/kern/sysv_ipc.c,v > retrieving revision 1.13 > diff -u -r1.13 sysv_ipc.c > --- sysv_ipc.c 2000/02/29 22:58:59 1.13 > +++ sysv_ipc.c 2000/03/02 14:39:41 > @@ -51,16 +51,15 @@ > int mode; > { > struct ucred *cred = p->p_ucred; > - int error; > > - error = suser(p); > - if (!error) > - return (0); > - > /* Check for user match. */ > if (cred->cr_uid != perm->cuid && cred->cr_uid != perm->uid) { > - if (mode & IPC_M) > - return (EPERM); > + if (mode & IPC_M) { > + if (suser(p) == 0) > + return (0); > + else > + return (EPERM); > + } I might write this as: if (mode & IPC_M) return (suser(p) == 0 ? 0 : EPERM); > /* Check for group match. */ > mode >>= 3; > if (!groupmember(perm->gid, cred) && > @@ -71,7 +70,14 @@ > > if (mode & IPC_M) > return (0); > - return ((mode & perm->mode) == mode ? 0 : EACCES); > + > + if ((mode & perm->mode) == mode) > + return (0); > + > + if (suser(p) == 0) > + return (0); > + > + return EACCES; I might write this as: return ((mode & perm->mode) == mode || suser(p) == 0 ? 0 : EACCES); > } > > #endif /* defined(SYSVSEM) || defined(SYSVSHM) || defined(SYSVMSG) */ > > Bruce To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message