cvs commit: src/lib/libc/sys chown.2

Pawel Jakub Dawidek pjd at FreeBSD.org
Wed Dec 13 08:06:06 PST 2006 

On Thu, Dec 14, 2006 at 02:31:52AM +1100, Bruce Evans wrote:
> On Wed, 13 Dec 2006, Pawel Jakub Dawidek wrote:
> 
> >pjd         2006-12-13 11:46:38 UTC
> >
> > FreeBSD src repository
> >
> > Modified files:
> >   lib/libc/sys         chown.2
> > Log:
> > Be more precise with EPERM description. When chown(2) is a no-op, it will
> > return 0.
> 
> VADMIN access is still required for null changes.  This normally means
> that the the caller must own the file, but there are complications for
> ACLs. [...]

Right, my testing wasn't precise.

But still, if I pass uid=-1 and gid=-1 it works always (I don't have to
have VADMIN access).

> [...] Also, non-null changes within the group don't require super-user
> permissions.

Right.

> The details for this are hard to describe. They are at least as complicated
> as:
> - the effective uid must be the super-user, unless all of the following:
>   . it is the same as the file's uid, or [complications for ACLs]
>   . the change to the uids of the file is null
>   . [permission is never granted based solely on the egid-- check this]
>   . the change to the gids is either null or the new file gid is in the
>     same group as the egid.
>   . [nothing is required or the old file gid -- check this]
> I used fine print in POSIX to justify permitting null changes to the
> gid.  FreeBSD-1 doesn't allow this.  My reasoning was something like
> "non-null changes (from a gid not in our group to one in our group)
> are permitted (if euid == old file uid == new file uid), so why disallow
> null changes?  The uid checks should be sufficient."  McKusick agreed
> with this.

Do you have a suggestion how we can describe it properly?

> All this is mainly for ffs.  Many file systems are probably still
> stricter.  Some non-POSIX ones should be less strict when they only
> have fake attributes and the fake attributes get in the way of making
> null changes.

I'm going to check this. I'm writting regression tests based on UFS
behaviour and want to run them on ZFS when I finish.
I'm trying to create protable code, so that we can try it on different
operating system and compare the results.

-- 
Pawel Jakub Dawidek                       http://www.wheel.pl
pjd at FreeBSD.org                           http://www.FreeBSD.org
FreeBSD committer                         Am I Evil? Yes, I Am!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/cvs-src/attachments/20061213/6137ecbd/attachment.pgp

More information about the cvs-src mailing list