From owner-freebsd-current  Thu Mar  2 13:58:46 2000
Delivered-To: freebsd-current@freebsd.org
Received: from lamb.sas.com (lamb.sas.com [192.35.83.8])
	by hub.freebsd.org (Postfix) with ESMTP
	id DE68A37B5FC; Thu,  2 Mar 2000 13:58:41 -0800 (PST)
	(envelope-from brdean@unx.sas.com)
Received: from mozart (mozart.unx.sas.com [192.58.184.28])
	by lamb.sas.com (8.9.3/8.9.1) with SMTP id QAA19542;
	Thu, 2 Mar 2000 16:58:31 -0500 (EST)
Received: from dean.pc.sas.com by mozart (5.65c/SAS/Domains/5-6-90)
	id AA14748; Thu, 2 Mar 2000 16:58:01 -0500
Received: (from brdean@localhost)
	by dean.pc.sas.com (8.9.3/8.9.1) id QAA00364;
	Thu, 2 Mar 2000 16:58:00 -0500 (EST)
	(envelope-from brdean)
From: Brian Dean <brdean@unx.sas.com>
Message-Id: <200003022158.QAA00364@dean.pc.sas.com>
Subject: Re: HEADS UP! IPC security (Re: cvs commit: src/sys/kern sysv_ipc.c
 (fwd))
In-Reply-To: <Pine.BSF.4.21.0003030722070.2011-100000@alphplex.bde.org> from
 Bruce Evans at "Mar 3, 2000 07:30:11 am"
To: Bruce Evans <bde@zeta.org.au>
Date: Thu, 2 Mar 2000 16:58:00 -0500 (EST)
Cc: Kris Kennaway <kris@hub.freebsd.org>, current@FreeBSD.ORG
X-Mailer: ELM [version 2.4ME+ PL61 (25)]
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-current@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

Bruce Evans wrote:
> It has too many style bugs for me.  It corrupts all tabs to spaces and
> has some other style bugs.

Resisting the temptation to cut-and-paste (resulting in the lost
tabs), and incorporating your other suggestions, how about this
version?

Thanks,
-Brian

Index: sysv_ipc.c
===================================================================
RCS file: /usr00/mirror/ncvs/src/sys/kern/sysv_ipc.c,v
retrieving revision 1.13
diff -u -r1.13 sysv_ipc.c
--- sysv_ipc.c	2000/02/29 22:58:59	1.13
+++ sysv_ipc.c	2000/03/02 21:45:25
@@ -51,16 +51,11 @@
 	int mode;
 {
 	struct ucred *cred = p->p_ucred;
-	int error;
 
-	error = suser(p);
-	if (!error)
-		return (0);
-
 	/* Check for user match. */
 	if (cred->cr_uid != perm->cuid && cred->cr_uid != perm->uid) {
 		if (mode & IPC_M)
-			return (EPERM);
+			return (suser(p) == 0 ? 0 : EPERM);
 		/* Check for group match. */
 		mode >>= 3;
 		if (!groupmember(perm->gid, cred) &&
@@ -71,7 +66,7 @@
 
 	if (mode & IPC_M)
 		return (0);
-	return ((mode & perm->mode) == mode ? 0 : EACCES);
+	return ((mode & perm->mode) == mode || suser(p) == 0 ? 0 : EACCES);
 }
 
 #endif /* defined(SYSVSEM) || defined(SYSVSHM) || defined(SYSVMSG) */


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message