move audit/priviliage check into VFS
Howard Su
howard0su at gmail.com
Mon Apr 23 23:22:35 UTC 2007
On 4/23/07, Robert Watson <rwatson at freebsd.org> wrote:
>
>
> Pawel and I have talked about this a bit in the past -- vaccess(9) and
> vaccess_acl_posix1e(9) were really the first step in abstracting file system
> access control decisions, and aren't a bad step -- they certainly cover a lot
> of the previously plentifully replicated cases (countless foo_access() VOP
> implementations). However, I think we should be restrained and do a bit of
> experimentation -- sometimes as much work could be done bundling up the common
> arguments to deliver them to a central access check as is done in having the
> access check appear in the calling code itself. Can we refine VOP_ACCESS() a
> bit further to get what we need, or do we need new common functions?
>
In FS dependent code, we don't only call VOP_ACCESS, but also check
some flags like ISUID, ISGID, NOUNLINK, APPEND, etc. This sort of
stuffs are so easy to regerssion when I work on tmpfs and it should be
almost same code in all the FS. However VFS don't have this sort of
information in vnode structure. Is this can be added?
--
-Howard
More information about the freebsd-arch
mailing list