issue with unsetting 'arch' flag

Garrett Cooper gcooper at FreeBSD.org
Fri Oct 8 00:42:58 UTC 2010


On Thu, Oct 7, 2010 at 11:45 AM, Jaakko Heinonen <jh at freebsd.org> wrote:
> On 2010-10-06, Alexander Best wrote:
>> $ sudo rm -d /tmp/chflags.XXXXXX
>> $ tmpfile=`mktemp /tmp/chflags.XXXXXX`
>> $ sudo chflags arch $tmpfile
>> $ chflags noarch $tmpfile
>>
>> is what's causing the problem. the last chflags call should fail, but it
>> doesn't.
>
> Here is a patch for UFS:
>
> %%%
> Index: sys/ufs/ufs/ufs_vnops.c
> ===================================================================
> --- sys/ufs/ufs/ufs_vnops.c     (revision 213507)
> +++ sys/ufs/ufs/ufs_vnops.c     (working copy)
> @@ -556,6 +556,9 @@ ufs_setattr(ap)
>                            & (SF_NOUNLINK | SF_IMMUTABLE | SF_APPEND) ||
>                            (vap->va_flags & UF_SETTABLE) != vap->va_flags)
>                                return (EPERM);
> +                       if ((ip->i_flags & SF_SETTABLE) !=
> +                           (vap->va_flags & SF_SETTABLE))
> +                               return (EPERM);
>                        ip->i_flags &= SF_SETTABLE;
>                        ip->i_flags |= (vap->va_flags & UF_SETTABLE);
>                        DIP_SET(ip, i_flags, ip->i_flags);
> %%%
>
> The patch has a potential to break something if someone assumes that
> non-super-user can modify UF_SETTABLE flags with the SF_SETTABLE part
> set to zero. However with a quick peek this seems to be what NetBSD
> does.

This seems ok in terms of the original issue that Alexander reported.
Thanks,
-Garrett


More information about the freebsd-hackers mailing list