Date: Mon, 18 Feb 2002 19:16:46 -0500 (EST) From: Robert Watson <rwatson@FreeBSD.org> To: Dag-Erling Smorgrav <des@ofug.org> Cc: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: Re: cvs commit: src/sys/miscfs/procfs procfs_subr.c Message-ID: <Pine.NEB.3.96L.1020218191459.69361L-100000@fledge.watson.org> In-Reply-To: <xzpy9hq77in.fsf@flood.ping.uio.no>
next in thread | previous in thread | raw e-mail | index | archive | help
On 18 Feb 2002, Dag-Erling Smorgrav wrote: > Robert Watson <rwatson@FreeBSD.org> writes: > > My interpretation of this commit is that it's actually more cosmetic than > > concrete: i.e., the permission bits will look different, but the access > > control is the same. Is that right? > > The upper layers of the VFS system enforce the file mode. Hmm. I'm not sure that's true in most cases. Under normal circumstances, upper layers of VFS rely on the per-filesystem code to do enforcement as part of common operations, or they rely on the per-filesystem VOP_ACCESS() code. There are a few exceptions, but not very many. This generally reflects the fact that the broader abstractions of the kernel don't understand per-fs access control mechanisms, such as those in msdosfs, NFS, AFS, etc, which differ substantially from local models. Does this change have specific non-cosmetic effects that you have in mind? For example, should we be doing a security advisory? Robert N M Watson FreeBSD Core Team, TrustedBSD Project robert@fledge.watson.org NAI Labs, Safeport Network Services To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.NEB.3.96L.1020218191459.69361L-100000>