Date: Fri, 3 Mar 2000 11:30:14 +1100 (EST) From: Bruce Evans <bde@zeta.org.au> To: Brian Dean <brdean@unx.sas.com> Cc: Kris Kennaway <kris@hub.freebsd.org>, current@FreeBSD.ORG Subject: Re: HEADS UP! IPC security (Re: cvs commit: src/sys/kern sysv_ipc.c (fwd)) Message-ID: <Pine.BSF.4.21.0003031118320.2224-100000@alphplex.bde.org> In-Reply-To: <200003022158.QAA00364@dean.pc.sas.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, 2 Mar 2000, Brian Dean wrote:
> Resisting the temptation to cut-and-paste (resulting in the lost
> tabs), and incorporating your other suggestions, how about this
> version?
>
> Index: sysv_ipc.c
> ===================================================================
> RCS file: /usr00/mirror/ncvs/src/sys/kern/sysv_ipc.c,v
> retrieving revision 1.13
> diff -u -r1.13 sysv_ipc.c
> --- sysv_ipc.c 2000/02/29 22:58:59 1.13
> +++ sysv_ipc.c 2000/03/02 21:45:25
> @@ -51,16 +51,11 @@
> int mode;
> {
> struct ucred *cred = p->p_ucred;
> - int error;
>
> - error = suser(p);
> - if (!error)
> - return (0);
> -
> /* Check for user match. */
> if (cred->cr_uid != perm->cuid && cred->cr_uid != perm->uid) {
> if (mode & IPC_M)
> - return (EPERM);
> + return (suser(p) == 0 ? 0 : EPERM);
> /* Check for group match. */
> mode >>= 3;
> if (!groupmember(perm->gid, cred) &&
> @@ -71,7 +66,7 @@
>
> if (mode & IPC_M)
> return (0);
> - return ((mode & perm->mode) == mode ? 0 : EACCES);
> + return ((mode & perm->mode) == mode || suser(p) == 0 ? 0 : EACCES);
> }
>
> #endif /* defined(SYSVSEM) || defined(SYSVSHM) || defined(SYSVMSG) */
I'm happy with this version.
You might also look at the NetBSD version. It has been rewritten to
be more like ufs_access(). The main changes seem to be that the (mode
& IPC_M) test is replaced by (mode == IPC_M) and the hackish right
shifting of `mode' is replaced by lots of bit conversions, as is
required when the S_IRUSR etc. bits aren't assumed to have various
magic relationships among themseleves and with the IPC mode bits.
All these changes can wait until after 4.0 is released.
Bruce
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0003031118320.2224-100000>