A question about ipcperm() call?
李尚杰
shangjie.li at gmail.com
Mon Jul 24 02:07:30 UTC 2006
The code for ipcperm() call :
78 ipcperm(td, perm, mode)
79 struct thread *td;
80 struct ipc_perm *perm;
81 int mode;
82 {
83 struct ucred *cred = td->td_ucred;
84 int error;
85
86 if (cred->cr_uid != perm->cuid && cred->cr_uid != perm->uid) {
87 /*
88 * For a non-create/owner, we require privilege to
89 * modify the object protections. Note: some other
90 * implementations permit IPC_M to be delegated to
91 * unprivileged non-creator/owner uids/gids.
92 */
93 if (mode & IPC_M) {
94 error = suser(td);
95 if (error)
96 return (error);
97 }
98 /*
99 * Try to match against creator/owner group; if not, fall
100 * back on other.
101 */
102 mode >>= 3;
103 if (!groupmember(perm->gid, cred) &&
104 !groupmember(perm->cgid, cred))
105 mode >>= 3;
106 } else {
107 /*
108 * Always permit the creator/owner to update the object
109 * protections regardless of whether the object mode
110 * permits it.
111 */
112 if (mode & IPC_M)
113 return (0);
114 }
115
116 if ((mode & perm->mode) != mode) {
117 if (suser(td) != 0)
118 return (EACCES);
119 }
120 return (0);
121 }
why not directly return the error in line 94?
|Institute of Software, Chinese Academy of Sciences,
|P.O. Box 8718, Beijing 100080, CHINA
|Phone: (8610)62561197/62635158-1008(O), 82680528(H)
|Email: shangjie02 at ios.cn
>---------------------------------------------------<
More information about the freebsd-hackers
mailing list