cvs commit: src/sys/ufs/ufs quota.h ufs_quota.c ufs_vfsops.c
rwatson at FreeBSD.org
Sat Jun 14 23:36:21 PDT 2003
rwatson 2003/06/14 23:36:19 PDT
FreeBSD src repository
sys/ufs/ufs quota.h ufs_quota.c ufs_vfsops.c
Re-implement kernel access control for quotactl() as found in the
UFS quota implementation. Push some quite broken access control
logic out of ufs_quotactl() into the individual command
implementations in ufs_quota.c; fix that logic. Pass in the thread
argument to any quotactl command that will need to perform access
o quotaon() requires privilege (PRISON_ROOT).
o quotaoff() requires privilege (PRISON_ROOT).
o getquota() requires that:
If the type is USRQUOTA, either the effective uid match the
requested quota ID, that the unprivileged_get_quota flag be
set, or that the thread be privileged (PRISON_ROOT).
If the type is GRPQUOTA, require that either the thread be
a member of the group represented by the requested quota ID,
that the unprivileged_get_quota flag be set, or that the
thread be privileged (PRISON_ROOT).
o setquota() requires privilege (PRISON_ROOT).
o setuse() requires privilege (PRISON_ROOT).
o qsync() requires no special privilege (consistent with what
was present before, but probably not very useful).
Add a new sysctl, security.bsd.unprivileged_get_quota, which when
set to a non-zero value, will permit unprivileged users to query user
quotas with non-matching uids and gids. Set this to 0 by default
to be mostly consistent with the previous behavior (the same for
USRQUOTA, but not for GRPQUOTA).
Obtained from: TrustedBSD Project
Sponsored by: DARPA, Network Associates Laboratories
Revision Changes Path
1.25 +3 -3 src/sys/ufs/ufs/quota.h
1.65 +51 -3 src/sys/ufs/ufs/ufs_quota.c
1.37 +4 -17 src/sys/ufs/ufs/ufs_vfsops.c
More information about the cvs-all