Module Name: src Committed By: christos Date: Tue Apr 17 19:15:16 UTC 2012
Modified Files: src/sys/kern: vfs_syscalls.c src/sys/ufs/chfs: chfs_vnops.c src/sys/ufs/ext2fs: ext2fs_readwrite.c src/sys/ufs/ufs: ufs_readwrite.c Log Message: don't error out when chowning/chgrping or writing to a setuid/setgid file without being the setuid user or group. Just turn off the bit like we did before. To generate a diff of this commit: cvs rdiff -u -r1.450 -r1.451 src/sys/kern/vfs_syscalls.c cvs rdiff -u -r1.4 -r1.5 src/sys/ufs/chfs/chfs_vnops.c cvs rdiff -u -r1.59 -r1.60 src/sys/ufs/ext2fs/ext2fs_readwrite.c cvs rdiff -u -r1.102 -r1.103 src/sys/ufs/ufs/ufs_readwrite.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
Modified files: Index: src/sys/kern/vfs_syscalls.c diff -u src/sys/kern/vfs_syscalls.c:1.450 src/sys/kern/vfs_syscalls.c:1.451 --- src/sys/kern/vfs_syscalls.c:1.450 Tue Mar 13 14:40:56 2012 +++ src/sys/kern/vfs_syscalls.c Tue Apr 17 15:15:15 2012 @@ -1,4 +1,4 @@ -/* $NetBSD: vfs_syscalls.c,v 1.450 2012/03/13 18:40:56 elad Exp $ */ +/* $NetBSD: vfs_syscalls.c,v 1.451 2012/04/17 19:15:15 christos Exp $ */ /*- * Copyright (c) 2008, 2009 The NetBSD Foundation, Inc. @@ -70,7 +70,7 @@ */ #include <sys/cdefs.h> -__KERNEL_RCSID(0, "$NetBSD: vfs_syscalls.c,v 1.450 2012/03/13 18:40:56 elad Exp $"); +__KERNEL_RCSID(0, "$NetBSD: vfs_syscalls.c,v 1.451 2012/04/17 19:15:15 christos Exp $"); #ifdef _KERNEL_OPT #include "opt_fileassoc.h" @@ -3360,15 +3360,13 @@ change_owner(struct vnode *vp, uid_t uid * group-id settings intact in that case. */ if (vattr.va_mode & S_ISUID) { - error = kauth_authorize_vnode(l->l_cred, - KAUTH_VNODE_RETAIN_SUID, vp, NULL, EPERM); - if (error) + if (kauth_authorize_vnode(l->l_cred, + KAUTH_VNODE_RETAIN_SUID, vp, NULL, EPERM) != 0) newmode &= ~S_ISUID; } if (vattr.va_mode & S_ISGID) { - error = kauth_authorize_vnode(l->l_cred, - KAUTH_VNODE_RETAIN_SGID, vp, NULL, EPERM); - if (error) + if (kauth_authorize_vnode(l->l_cred, + KAUTH_VNODE_RETAIN_SGID, vp, NULL, EPERM) != 0) newmode &= ~S_ISGID; } } else { Index: src/sys/ufs/chfs/chfs_vnops.c diff -u src/sys/ufs/chfs/chfs_vnops.c:1.4 src/sys/ufs/chfs/chfs_vnops.c:1.5 --- src/sys/ufs/chfs/chfs_vnops.c:1.4 Thu Apr 12 11:31:01 2012 +++ src/sys/ufs/chfs/chfs_vnops.c Tue Apr 17 15:15:16 2012 @@ -1,4 +1,4 @@ -/* $NetBSD: chfs_vnops.c,v 1.4 2012/04/12 15:31:01 ttoth Exp $ */ +/* $NetBSD: chfs_vnops.c,v 1.5 2012/04/17 19:15:16 christos Exp $ */ /*- * Copyright (c) 2010 Department of Software Engineering, @@ -969,16 +969,14 @@ out: ip->iflag |= IN_CHANGE | IN_UPDATE; if (resid > uio->uio_resid && ap->a_cred) { if (ip->mode & ISUID) { - error = kauth_authorize_vnode(ap->a_cred, KAUTH_VNODE_RETAIN_SUID, vp, - NULL, EPERM); - if (error) + if (kauth_authorize_vnode(ap->a_cred, + KAUTH_VNODE_RETAIN_SUID, vp, NULL, EPERM) != 0) ip->mode &= ~ISUID; } if (ip->mode & ISGID) { - error = kauth_authorize_vnode(ap->a_cred, KAUTH_VNODE_RETAIN_SGID, vp, - NULL, EPERM); - if (error) + if (kauth_authorize_vnode(ap->a_cred, + KAUTH_VNODE_RETAIN_SGID, vp, NULL, EPERM) != 0) ip->mode &= ~ISGID; } } Index: src/sys/ufs/ext2fs/ext2fs_readwrite.c diff -u src/sys/ufs/ext2fs/ext2fs_readwrite.c:1.59 src/sys/ufs/ext2fs/ext2fs_readwrite.c:1.60 --- src/sys/ufs/ext2fs/ext2fs_readwrite.c:1.59 Tue Mar 13 14:41:03 2012 +++ src/sys/ufs/ext2fs/ext2fs_readwrite.c Tue Apr 17 15:15:16 2012 @@ -1,4 +1,4 @@ -/* $NetBSD: ext2fs_readwrite.c,v 1.59 2012/03/13 18:41:03 elad Exp $ */ +/* $NetBSD: ext2fs_readwrite.c,v 1.60 2012/04/17 19:15:16 christos Exp $ */ /*- * Copyright (c) 1993 @@ -60,7 +60,7 @@ */ #include <sys/cdefs.h> -__KERNEL_RCSID(0, "$NetBSD: ext2fs_readwrite.c,v 1.59 2012/03/13 18:41:03 elad Exp $"); +__KERNEL_RCSID(0, "$NetBSD: ext2fs_readwrite.c,v 1.60 2012/04/17 19:15:16 christos Exp $"); #include <sys/param.h> #include <sys/systm.h> @@ -378,16 +378,14 @@ out: ip->i_flag |= IN_ACCESS; if (resid > uio->uio_resid && ap->a_cred) { if (ip->i_e2fs_mode & ISUID) { - error = kauth_authorize_vnode(ap->a_cred, KAUTH_VNODE_RETAIN_SUID, vp, - NULL, EPERM); - if (error) + if (kauth_authorize_vnode(ap->a_cred, + KAUTH_VNODE_RETAIN_SUID, vp, NULL, EPERM) != 0) ip->i_e2fs_mode &= ISUID; } if (ip->i_e2fs_mode & ISGID) { - error = kauth_authorize_vnode(ap->a_cred, KAUTH_VNODE_RETAIN_SGID, vp, - NULL, EPERM); - if (error) + if (kauth_authorize_vnode(ap->a_cred, + KAUTH_VNODE_RETAIN_SGID, vp, NULL, EPERM) != 0) ip->i_e2fs_mode &= ~ISGID; } } Index: src/sys/ufs/ufs/ufs_readwrite.c diff -u src/sys/ufs/ufs/ufs_readwrite.c:1.102 src/sys/ufs/ufs/ufs_readwrite.c:1.103 --- src/sys/ufs/ufs/ufs_readwrite.c:1.102 Tue Mar 13 14:41:14 2012 +++ src/sys/ufs/ufs/ufs_readwrite.c Tue Apr 17 15:15:16 2012 @@ -1,4 +1,4 @@ -/* $NetBSD: ufs_readwrite.c,v 1.102 2012/03/13 18:41:14 elad Exp $ */ +/* $NetBSD: ufs_readwrite.c,v 1.103 2012/04/17 19:15:16 christos Exp $ */ /*- * Copyright (c) 1993 @@ -32,7 +32,7 @@ */ #include <sys/cdefs.h> -__KERNEL_RCSID(1, "$NetBSD: ufs_readwrite.c,v 1.102 2012/03/13 18:41:14 elad Exp $"); +__KERNEL_RCSID(1, "$NetBSD: ufs_readwrite.c,v 1.103 2012/04/17 19:15:16 christos Exp $"); #ifdef LFS_READWRITE #define FS struct lfs @@ -512,18 +512,16 @@ out: ip->i_flag |= IN_ACCESS; if (resid > uio->uio_resid && ap->a_cred) { if (ip->i_mode & ISUID) { - error = kauth_authorize_vnode(ap->a_cred, KAUTH_VNODE_RETAIN_SUID, vp, - NULL, EPERM); - if (error) { + if (kauth_authorize_vnode(ap->a_cred, + KAUTH_VNODE_RETAIN_SUID, vp, NULL, EPERM) != 0) { ip->i_mode &= ~ISUID; DIP_ASSIGN(ip, mode, ip->i_mode); } } if (ip->i_mode & ISGID) { - error = kauth_authorize_vnode(ap->a_cred, KAUTH_VNODE_RETAIN_SGID, vp, - NULL, EPERM); - if (error) { + if (kauth_authorize_vnode(ap->a_cred, + KAUTH_VNODE_RETAIN_SGID, vp, NULL, EPERM) != 0) { ip->i_mode &= ~ISGID; DIP_ASSIGN(ip, mode, ip->i_mode); }