PERFORCE change 107077 for review

Sun Oct 1 23:55:05 PDT 2006

http://perforce.freebsd.org/chv.cgi?CH=107077

Change 107077 by rwatson at rwatson_peppercorn on 2006/10/02 06:54:21

	Merge 7.x subr_acl_posix1e.c changes to 6.x kern_acl.c.

Affected files ...

.. //depot/projects/trustedbsd/priv6/src/sys/kern/kern_acl.c#3 edit

Differences ...

==== //depot/projects/trustedbsd/priv6/src/sys/kern/kern_acl.c#3 (text+ko) ====

@@ -76,54 +76,50 @@
 {
 	struct acl_entry *acl_other, *acl_mask;
 	mode_t dac_granted;
-	mode_t cap_granted;
+	mode_t priv_granted;
 	mode_t acl_mask_granted;
 	int group_matched, i;
 
 	/*
 	 * Look for a normal, non-privileged way to access the file/directory
-	 * as requested.  If it exists, go with that.  Otherwise, attempt
-	 * to use privileges granted via cap_granted.  In some cases,
-	 * which privileges to use may be ambiguous due to "best match",
-	 * in which case fall back on first match for the time being.
+	 * as requested.  If it exists, go with that.  Otherwise, attempt to
+	 * use privileges granted via priv_granted.  In some cases, which
+	 * privileges to use may be ambiguous due to "best match", in which
+	 * case fall back on first match for the time being.
 	 */
 	if (privused != NULL)
 		*privused = 0;
 
 	/*
-	 * Determine privileges now, but don't apply until we've found
-	 * a DAC entry that matches but has failed to allow access.
+	 * Determine privileges now, but don't apply until we've found a DAC
+	 * entry that matches but has failed to allow access.
+	 *
+	 * XXXRW: Ideally, we'd determine the privileges required before
+	 * asking for them.
 	 */
-#ifndef CAPABILITIES
-	if (suser_cred(cred, SUSER_ALLOWJAIL) == 0)
-		cap_granted = VALLPERM;
-	else
-		cap_granted = 0;
-#else
-	cap_granted = 0;
+	priv_granted = 0;
 
 	if (type == VDIR) {
-		if ((acc_mode & VEXEC) && !cap_check(cred, NULL,
-		     CAP_DAC_READ_SEARCH, SUSER_ALLOWJAIL))
-			cap_granted |= VEXEC;
+		if ((acc_mode & VEXEC) && !priv_check_cred(cred,
+		     PRIV_VFS_LOOKUP, SUSER_ALLOWJAIL))
+			priv_granted |= VEXEC;
 	} else {
-		if ((acc_mode & VEXEC) && !cap_check(cred, NULL,
-		    CAP_DAC_EXECUTE, SUSER_ALLOWJAIL))
-			cap_granted |= VEXEC;
+		if ((acc_mode & VEXEC) && !priv_check_cred(cred,
+		    PRIV_VFS_EXEC, SUSER_ALLOWJAIL))
+			priv_granted |= VEXEC;
 	}
 
-	if ((acc_mode & VREAD) && !cap_check(cred, NULL, CAP_DAC_READ_SEARCH,
+	if ((acc_mode & VREAD) && !priv_check_cred(cred, PRIV_VFS_READ,
 	    SUSER_ALLOWJAIL))
-		cap_granted |= VREAD;
+		priv_granted |= VREAD;
 
 	if (((acc_mode & VWRITE) || (acc_mode & VAPPEND)) &&
-	    !cap_check(cred, NULL, CAP_DAC_WRITE, SUSER_ALLOWJAIL))
-		cap_granted |= (VWRITE | VAPPEND);
+	    !priv_check_cred(cred, PRIV_VFS_WRITE, SUSER_ALLOWJAIL))
+		priv_granted |= (VWRITE | VAPPEND);
 
-	if ((acc_mode & VADMIN) && !cap_check(cred, NULL, CAP_FOWNER,
+	if ((acc_mode & VADMIN) && !priv_check_cred(cred, PRIV_VFS_ADMIN,
 	    SUSER_ALLOWJAIL))
-		cap_granted |= VADMIN;
-#endif /* CAPABILITIES */
+		priv_granted |= VADMIN;
 
 	/*
 	 * The owner matches if the effective uid associated with the
