PERFORCE change 92985 for review
Todd Miller
millert at FreeBSD.org
Wed Mar 8 13:12:58 PST 2006
http://perforce.freebsd.org/chv.cgi?CH=92985
Change 92985 by millert at millert_g5tower on 2006/03/08 21:11:39
Back out last revision. Old behavior was consistent with SELinux.
Affected files ...
.. //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/sebsd.c#36 edit
Differences ...
==== //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/sebsd.c#36 (text+ko) ====
@@ -306,10 +306,6 @@
{
access_vector_t av = 0;
- /* per access(2), mask == 0 means only check for existence */
- if (mask == 0)
- return FILE__ACCESS;
-
if (vt != VDIR) {
if (mask & VEXEC)
av |= FILE__EXECUTE;
@@ -1243,8 +1239,6 @@
&osec->sid);
}
-extern int selinux_enforcing;
-
static int
sebsd_check_ipc_method(struct label *subj, struct label *obj, int msgid)
{
@@ -1708,7 +1702,10 @@
struct label *filelabel, int acc_mode)
{
- /* NOTE: acc_mode == 0 is legal for access(2) */
+ /* existence check (F_OK) */
+ if (acc_mode == 0)
+ return 0;
+
return (vnode_has_perm(cred, vp, file_mask_to_av(vp->v_type, acc_mode),
NULL));
}
More information about the trustedbsd-cvs
mailing list