On Wed, Sep 05, 2012 at 12:14:11PM -0500, Eric Haszlakiewicz wrote: > > > > > > Changing it to effective uid seems like a good plan. > > > > > > > > > > The change below fixes the test case. Is it safe to commit? > > > > > > > > It fixes the test case, but it is still wrong. This UID check > > > > needs to be implemented in the kauth listener (adding a specific > > > > case for this action if there's not one) not open-coded in the UFS > > code. > > > > > > Here's a (completely untested) patch that should do that. > > > > ...I don't think the check belongs in secmodel_suser.c, does it? > > > > Or is that the general dumping ground for standard Unix security > > semantics? > > I don't know. I just used the only place where the KAUTH_SYSTEM_FS_QUOTA > request was implemented.
Yeah, I think it's supposed to be somewhere else. It should be handled the same way owner access to files is, I guess, but I have no idea what that is. -- David A. Holland [email protected]
