Generalize ipcperm() a little.
This commit is contained in:
parent
62843870cc
commit
30cbcb7e80
@ -34,28 +34,28 @@
|
||||
*/
|
||||
|
||||
int
|
||||
ipcperm(uc, perm, mode)
|
||||
struct ucred *uc;
|
||||
ipcperm(cred, perm, mode)
|
||||
struct ucred *cred;
|
||||
struct ipc_perm *perm;
|
||||
int mode;
|
||||
{
|
||||
int i = 0;
|
||||
|
||||
if (uc->cr_uid == 0)
|
||||
return(0);
|
||||
if (cred->cr_uid == 0)
|
||||
return (0);
|
||||
|
||||
/*
|
||||
* Does the user have permission?
|
||||
*/
|
||||
if (uc->cr_uid != perm->cuid && uc->cr_uid != perm->uid) {
|
||||
i = 3;
|
||||
/*
|
||||
* Does the group have permission?
|
||||
*/
|
||||
if (!groupmember(perm->gid, uc) && !groupmember(perm->cgid, uc))
|
||||
i += 3;
|
||||
/* Check for user match. */
|
||||
if (cred->cr_uid != perm->cuid && cred->cr_uid != perm->uid) {
|
||||
if (mode & IPC_M)
|
||||
return (EPERM);
|
||||
/* Check for group match. */
|
||||
mode >>= 3;
|
||||
if (!groupmember(perm->gid, cred) &&
|
||||
!groupmember(perm->cgid, cred))
|
||||
/* Check for `other' match. */
|
||||
mode >>= 3;
|
||||
}
|
||||
|
||||
if (((mode&0700) & (perm->mode << i)) != mode)
|
||||
return(EACCES);
|
||||
if (mode & IPC_M)
|
||||
return (0);
|
||||
return ((mode & perm->mode) == mode ? 0 : EACCES);
|
||||
}
|
||||
|
@ -16,7 +16,7 @@
|
||||
*
|
||||
* This software is provided ``AS IS'' without any warranties of any kind.
|
||||
*
|
||||
* $Id: sysv_msg.c,v 1.6 1994/05/25 02:14:33 hpeyerl Exp $
|
||||
* $Id: sysv_msg.c,v 1.7 1994/05/25 08:15:47 mycroft Exp $
|
||||
*/
|
||||
|
||||
#include <sys/param.h>
|
||||
@ -195,12 +195,8 @@ msgctl(p, uap, retval)
|
||||
case IPC_RMID:
|
||||
{
|
||||
struct msg *msghdr;
|
||||
|
||||
if (cred->cr_uid != 0 &&
|
||||
msqptr->msg_perm.cuid != cred->cr_uid &&
|
||||
msqptr->msg_perm.uid != cred->cr_uid)
|
||||
return(EPERM);
|
||||
|
||||
if ((eval = ipcperm(cred, &msgptr->msg_perm, IPC_M)))
|
||||
return(eval);
|
||||
/* Free the message headers */
|
||||
msghdr = msqptr->msg_first;
|
||||
while (msghdr != NULL) {
|
||||
@ -227,10 +223,8 @@ msgctl(p, uap, retval)
|
||||
break;
|
||||
|
||||
case IPC_SET:
|
||||
if (cred->cr_uid != 0 &&
|
||||
msqptr->msg_perm.cuid != cred->cr_uid &&
|
||||
msqptr->msg_perm.uid != cred->cr_uid)
|
||||
return(EPERM);
|
||||
if ((eval = ipcperm(cred, &msgptr->msg_perm, IPC_M)))
|
||||
return(eval);
|
||||
if ((eval = copyin(user_msqptr, &msqbuf, sizeof(msqbuf))) != 0)
|
||||
return(eval);
|
||||
if (msqbuf.msg_qbytes > msqptr->msg_qbytes && cred->cr_uid != 0)
|
||||
|
@ -5,7 +5,7 @@
|
||||
*
|
||||
* This software is provided ``AS IS'' without any warranties of any kind.
|
||||
*
|
||||
* $Id: sysv_sem.c,v 1.7 1994/05/25 02:14:29 hpeyerl Exp $
|
||||
* $Id: sysv_sem.c,v 1.8 1994/05/25 08:15:49 mycroft Exp $
|
||||
*/
|
||||
|
||||
#include <sys/param.h>
|
||||
@ -324,10 +324,8 @@ semctl(p, uap, retval)
|
||||
|
||||
switch (cmd) {
|
||||
case IPC_RMID:
|
||||
if (cred->cr_uid != 0 &&
|
||||
semaptr->sem_perm.cuid != cred->cr_uid &&
|
||||
semaptr->sem_perm.uid != cred->cr_uid)
|
||||
return(EPERM);
|
||||
if ((eval = ipcperm(cred, &semaptr->sem_perm, IPC_M)))
|
||||
return(eval);
|
||||
semaptr->sem_perm.cuid = cred->cr_uid;
|
||||
semaptr->sem_perm.uid = cred->cr_uid;
|
||||
semtot -= semaptr->sem_nsems;
|
||||
@ -344,10 +342,8 @@ semctl(p, uap, retval)
|
||||
break;
|
||||
|
||||
case IPC_SET:
|
||||
if (cred->cr_uid != 0 &&
|
||||
semaptr->sem_perm.cuid != cred->cr_uid &&
|
||||
semaptr->sem_perm.uid != cred->cr_uid)
|
||||
return(EPERM);
|
||||
if ((eval = ipcperm(cred, &semaptr->sem_perm, IPC_M)))
|
||||
return(eval);
|
||||
if ((eval = copyin(arg, &real_arg, sizeof(real_arg))) != 0)
|
||||
return(eval);
|
||||
if ((eval = copyin(real_arg.buf, (caddr_t)&sbuf,
|
||||
|
@ -351,10 +351,8 @@ shmctl(p, uap, retval)
|
||||
return error;
|
||||
break;
|
||||
case IPC_SET:
|
||||
if (cred->cr_uid != 0 &&
|
||||
shmseg->shm_perm.cuid != cred->cr_uid &&
|
||||
shmseg->shm_perm.uid != cred->cr_uid)
|
||||
return EPERM;
|
||||
if (error = ipcperm(cred, &shmseg->shm_perm, IPC_M))
|
||||
return error;
|
||||
if (error = copyin(uap->ubuf, (caddr_t)&inbuf, sizeof(inbuf)))
|
||||
return error;
|
||||
shmseg->shm_perm.uid = inbuf.shm_perm.uid;
|
||||
@ -365,10 +363,8 @@ shmctl(p, uap, retval)
|
||||
shmseg->shm_ctime = time.tv_sec;
|
||||
break;
|
||||
case IPC_RMID:
|
||||
if (cred->cr_uid != 0 &&
|
||||
shmseg->shm_perm.cuid != cred->cr_uid &&
|
||||
shmseg->shm_perm.uid != cred->cr_uid)
|
||||
return EPERM;
|
||||
if (error = ipcperm(cred, &shmseg->shm_perm, IPC_M))
|
||||
return error;
|
||||
shmseg->shm_perm.key = IPC_PRIVATE;
|
||||
shmseg->shm_perm.mode |= SHMSEG_REMOVED;
|
||||
if (shmseg->shm_nattch <= 0) {
|
||||
|
@ -41,7 +41,7 @@
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* from: @(#)ipc.h 8.3 (Berkeley) 1/21/94
|
||||
* $Id: ipc.h,v 1.7 1994/05/21 04:13:59 cgd Exp $
|
||||
* $Id: ipc.h,v 1.8 1994/05/25 08:16:02 mycroft Exp $
|
||||
*/
|
||||
|
||||
/*
|
||||
@ -65,6 +65,7 @@ struct ipc_perm {
|
||||
/* common mode bits */
|
||||
#define IPC_R 00400 /* read permission */
|
||||
#define IPC_W 00200 /* write/alter permission */
|
||||
#define IPC_M 10000 /* permission to change control info */
|
||||
|
||||
/* SVID required constants (same values as system 5) */
|
||||
#define IPC_CREAT 01000 /* create entry if key does not exist */
|
||||
|
Loading…
Reference in New Issue
Block a user