sysv_ipc.c broken in v1.30 (was Re: sysvshm appearse broken in
-current)
Andrey Chernov
ache at FreeBSD.org
Sat Dec 16 04:51:39 PST 2006
On Sat, Dec 16, 2006 at 12:11:05PM +0000, Robert Watson wrote:
> > * Always permit the creator/owner to update the object
> > * protections regardless of whether the object mode
> > * permits it.
> > */
> > if (mode & IPC_M)
> > return (0);
> >
> >I.e. old code not even check for IPC_W or IPC_R in case of IPC_M presense.
>
> Is this conclusion a supposition or the result of testing? Could you test
> and see if this is true?
It comes just from code reading. First check for owner and next check for
IPC_M bit _only_ (no other bits!) then return (0) i.e. success.
> >Moreover, old code allows _anything_ for suser:
> The new code should also allow anything, as long as the bits passed into
> ipcperm() as requested modes are valid. There's certainly a bug here
I mean anything for suser ignoring completely any modes passed.
I.e. no EACCES should happen for suser in _any_ mode combination.
--
http://ache.pp.ru/
More information about the freebsd-current
mailing list