Module Name:    src
Committed By:   christos
Date:           Tue Apr 17 19:15:16 UTC 2012

Modified Files:
        src/sys/kern: vfs_syscalls.c
        src/sys/ufs/chfs: chfs_vnops.c
        src/sys/ufs/ext2fs: ext2fs_readwrite.c
        src/sys/ufs/ufs: ufs_readwrite.c

Log Message:
don't error out when chowning/chgrping or writing to a setuid/setgid file
without being the setuid user or group. Just turn off the bit like we did
before.


To generate a diff of this commit:
cvs rdiff -u -r1.450 -r1.451 src/sys/kern/vfs_syscalls.c
cvs rdiff -u -r1.4 -r1.5 src/sys/ufs/chfs/chfs_vnops.c
cvs rdiff -u -r1.59 -r1.60 src/sys/ufs/ext2fs/ext2fs_readwrite.c
cvs rdiff -u -r1.102 -r1.103 src/sys/ufs/ufs/ufs_readwrite.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/kern/vfs_syscalls.c
diff -u src/sys/kern/vfs_syscalls.c:1.450 src/sys/kern/vfs_syscalls.c:1.451
--- src/sys/kern/vfs_syscalls.c:1.450	Tue Mar 13 14:40:56 2012
+++ src/sys/kern/vfs_syscalls.c	Tue Apr 17 15:15:15 2012
@@ -1,4 +1,4 @@
-/*	$NetBSD: vfs_syscalls.c,v 1.450 2012/03/13 18:40:56 elad Exp $	*/
+/*	$NetBSD: vfs_syscalls.c,v 1.451 2012/04/17 19:15:15 christos Exp $	*/
 
 /*-
  * Copyright (c) 2008, 2009 The NetBSD Foundation, Inc.
@@ -70,7 +70,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: vfs_syscalls.c,v 1.450 2012/03/13 18:40:56 elad Exp $");
+__KERNEL_RCSID(0, "$NetBSD: vfs_syscalls.c,v 1.451 2012/04/17 19:15:15 christos Exp $");
 
 #ifdef _KERNEL_OPT
 #include "opt_fileassoc.h"
@@ -3360,15 +3360,13 @@ change_owner(struct vnode *vp, uid_t uid
 		 * group-id settings intact in that case.
 		 */
 		if (vattr.va_mode & S_ISUID) {
-			error = kauth_authorize_vnode(l->l_cred,
-			    KAUTH_VNODE_RETAIN_SUID, vp, NULL, EPERM);
-			if (error)
+			if (kauth_authorize_vnode(l->l_cred,
+			    KAUTH_VNODE_RETAIN_SUID, vp, NULL, EPERM) != 0)
 				newmode &= ~S_ISUID;
 		}
 		if (vattr.va_mode & S_ISGID) {
-			error = kauth_authorize_vnode(l->l_cred,
-			    KAUTH_VNODE_RETAIN_SGID, vp, NULL, EPERM);
-			if (error)
+			if (kauth_authorize_vnode(l->l_cred,
+			    KAUTH_VNODE_RETAIN_SGID, vp, NULL, EPERM) != 0)
 				newmode &= ~S_ISGID;
 		}
 	} else {
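Review bot: The two `kauth_authorize_vnode()` tests in this hunk of change_owner() now use the return value only as a yes/no answer, and nothing at the call site says that discarding the error is deliberate. The removed lines show the result was previously stored in `error`, so a later cleanup could reintroduce that assignment and bring back the failure the log message describes. I would add a short comment above each test, for example `/* Not allowed to retain the bit: clear it, but do not fail the call. */`. The same comment would help in the write-path hunks of chfs_vnops.c, ext2fs_readwrite.c and ufs_readwrite.c. change_owner() begins and ends outside this hunk.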

Index: src/sys/ufs/chfs/chfs_vnops.c
diff -u src/sys/ufs/chfs/chfs_vnops.c:1.4 src/sys/ufs/chfs/chfs_vnops.c:1.5
--- src/sys/ufs/chfs/chfs_vnops.c:1.4	Thu Apr 12 11:31:01 2012
+++ src/sys/ufs/chfs/chfs_vnops.c	Tue Apr 17 15:15:16 2012
@@ -1,4 +1,4 @@
-/*	$NetBSD: chfs_vnops.c,v 1.4 2012/04/12 15:31:01 ttoth Exp $	*/
+/*	$NetBSD: chfs_vnops.c,v 1.5 2012/04/17 19:15:16 christos Exp $	*/
 
 /*-
  * Copyright (c) 2010 Department of Software Engineering,
@@ -969,16 +969,14 @@ out:
 	ip->iflag |= IN_CHANGE | IN_UPDATE;
 	if (resid > uio->uio_resid && ap->a_cred) {
 		if (ip->mode & ISUID) {
-			error = kauth_authorize_vnode(ap->a_cred, KAUTH_VNODE_RETAIN_SUID, vp,
-			    NULL, EPERM);
-			if (error)
+			if (kauth_authorize_vnode(ap->a_cred,
+			    KAUTH_VNODE_RETAIN_SUID, vp, NULL, EPERM) != 0)
 				ip->mode &= ~ISUID;
 		}
 
 		if (ip->mode & ISGID) {
-			error = kauth_authorize_vnode(ap->a_cred, KAUTH_VNODE_RETAIN_SGID, vp,
-			    NULL, EPERM);
-			if (error)
+			if (kauth_authorize_vnode(ap->a_cred,
+			    KAUTH_VNODE_RETAIN_SGID, vp, NULL, EPERM) != 0)
 				ip->mode &= ~ISGID;
 		}
 	}

Index: src/sys/ufs/ext2fs/ext2fs_readwrite.c
diff -u src/sys/ufs/ext2fs/ext2fs_readwrite.c:1.59 src/sys/ufs/ext2fs/ext2fs_readwrite.c:1.60
--- src/sys/ufs/ext2fs/ext2fs_readwrite.c:1.59	Tue Mar 13 14:41:03 2012
+++ src/sys/ufs/ext2fs/ext2fs_readwrite.c	Tue Apr 17 15:15:16 2012
@@ -1,4 +1,4 @@
-/*	$NetBSD: ext2fs_readwrite.c,v 1.59 2012/03/13 18:41:03 elad Exp $	*/
+/*	$NetBSD: ext2fs_readwrite.c,v 1.60 2012/04/17 19:15:16 christos Exp $	*/
 
 /*-
  * Copyright (c) 1993
@@ -60,7 +60,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: ext2fs_readwrite.c,v 1.59 2012/03/13 18:41:03 elad Exp $");
+__KERNEL_RCSID(0, "$NetBSD: ext2fs_readwrite.c,v 1.60 2012/04/17 19:15:16 christos Exp $");
 
 #include <sys/param.h>
 #include <sys/systm.h>
@@ -378,16 +378,14 @@ out:
 		ip->i_flag |= IN_ACCESS;
 	if (resid > uio->uio_resid && ap->a_cred) {
 		if (ip->i_e2fs_mode & ISUID) {
-			error = kauth_authorize_vnode(ap->a_cred, KAUTH_VNODE_RETAIN_SUID, vp,
-			    NULL, EPERM);
-			if (error)
+			if (kauth_authorize_vnode(ap->a_cred,
+			    KAUTH_VNODE_RETAIN_SUID, vp, NULL, EPERM) != 0)
 				ip->i_e2fs_mode &= ISUID;
 		}
 
 		if (ip->i_e2fs_mode & ISGID) {
-			error = kauth_authorize_vnode(ap->a_cred, KAUTH_VNODE_RETAIN_SGID, vp,
-			    NULL, EPERM);
-			if (error)
+			if (kauth_authorize_vnode(ap->a_cred,
+			    KAUTH_VNODE_RETAIN_SGID, vp, NULL, EPERM) != 0)
 				ip->i_e2fs_mode &= ~ISGID;
 		}
 	}
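Review bot: The set-user-ID branch in this hunk still ends in `ip->i_e2fs_mode &= ISUID;`, without the `~` that the set-group-ID branch just below and the chfs and ufs versions of this code use. As written, a denied KAUTH_VNODE_RETAIN_SUID check keeps only the ISUID bit and clears every other bit of `i_e2fs_mode`, which is the reverse of what the log message intends. The line is context that this commit leaves unchanged, but it should read `ip->i_e2fs_mode &= ~ISUID;`. The enclosing function starts and ends outside the hunk.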

Index: src/sys/ufs/ufs/ufs_readwrite.c
diff -u src/sys/ufs/ufs/ufs_readwrite.c:1.102 src/sys/ufs/ufs/ufs_readwrite.c:1.103
--- src/sys/ufs/ufs/ufs_readwrite.c:1.102	Tue Mar 13 14:41:14 2012
+++ src/sys/ufs/ufs/ufs_readwrite.c	Tue Apr 17 15:15:16 2012
@@ -1,4 +1,4 @@
-/*	$NetBSD: ufs_readwrite.c,v 1.102 2012/03/13 18:41:14 elad Exp $	*/
+/*	$NetBSD: ufs_readwrite.c,v 1.103 2012/04/17 19:15:16 christos Exp $	*/
 
 /*-
  * Copyright (c) 1993
@@ -32,7 +32,7 @@
  */
 
 #include <sys/cdefs.h>
-__KERNEL_RCSID(1, "$NetBSD: ufs_readwrite.c,v 1.102 2012/03/13 18:41:14 elad Exp $");
+__KERNEL_RCSID(1, "$NetBSD: ufs_readwrite.c,v 1.103 2012/04/17 19:15:16 christos Exp $");
 
 #ifdef LFS_READWRITE
 #define	FS			struct lfs
@@ -512,18 +512,16 @@ out:
 		ip->i_flag |= IN_ACCESS;
 	if (resid > uio->uio_resid && ap->a_cred) {
 		if (ip->i_mode & ISUID) {
-			error = kauth_authorize_vnode(ap->a_cred, KAUTH_VNODE_RETAIN_SUID, vp,
-			    NULL, EPERM);
-			if (error) {
+			if (kauth_authorize_vnode(ap->a_cred,
+			    KAUTH_VNODE_RETAIN_SUID, vp, NULL, EPERM) != 0) {
 				ip->i_mode &= ~ISUID;
 				DIP_ASSIGN(ip, mode, ip->i_mode);
 			}
 		}
 
 		if (ip->i_mode & ISGID) {
-			error = kauth_authorize_vnode(ap->a_cred, KAUTH_VNODE_RETAIN_SGID, vp,
-			    NULL, EPERM);
-			if (error) {
+			if (kauth_authorize_vnode(ap->a_cred,
+			    KAUTH_VNODE_RETAIN_SGID, vp, NULL, EPERM) != 0) {
 				ip->i_mode &= ~ISGID;
 				DIP_ASSIGN(ip, mode, ip->i_mode);
 			}
