Conditionalize the recognition of symbolic link permission by

per fs mount option `symperm'.

sbin/mount/mntopts.h

@@ -1,4 +1,4 @@
-/*	$NetBSD: mntopts.h,v 1.6 1997/09/16 12:22:43 lukem Exp $	*/
+/*	$NetBSD: mntopts.h,v 1.7 1997/10/30 22:49:35 enami Exp $	*/
 
 /*-
  * Copyright (c) 1994
@@ -54,6 +54,7 @@ struct mntopt {
 #define MOPT_USERQUOTA		{ "userquota",	0, 0, 0 }
 #define MOPT_GROUPQUOTA		{ "groupquota",	0, 0, 0 }
 #define MOPT_NOATIME		{ "atime",	1, MNT_NOATIME, 0 }
+#define MOPT_SYMPERM		{ "symperm",	0, MNT_SYMPERM, 0 }
 
 /* Control flags. */
 #define MOPT_FORCE		{ "force",	1, MNT_FORCE, 0 }
@@ -82,7 +83,8 @@ struct mntopt {
 	MOPT_NOEXEC,							\
 	MOPT_NOSUID,							\
 	MOPT_RDONLY,							\
-	MOPT_UNION
+	MOPT_UNION,							\
+	MOPT_SYMPERM
 
 void getmntopts __P((const char *, const struct mntopt *, int *, int *));
 extern int getmnt_silent;

sbin/mount/mount.8

@@ -1,4 +1,4 @@
-.\"	$NetBSD: mount.8,v 1.17 1997/10/20 09:11:24 enami Exp $
+.\"	$NetBSD: mount.8,v 1.18 1997/10/30 22:49:35 enami Exp $
 .\"
 .\" Copyright (c) 1980, 1989, 1991, 1993
 .\"	The Regents of the University of California.  All rights reserved.
@@ -159,6 +159,8 @@ Do not allow set-user-identifier or set-group-identifier bits to take effect.
 The same as
 .Fl r ;
 mount the file system read-only (even the super-user may not write it).
+.It symperm
+Recognize permission of symbolic link when reading or traversing link.
 .It sync
 All
 .Tn I/O

sys/kern/vfs_lookup.c

@@ -1,4 +1,4 @@
-/*	$NetBSD: vfs_lookup.c,v 1.24 1997/10/11 00:08:08 enami Exp $	*/
+/*	$NetBSD: vfs_lookup.c,v 1.25 1997/10/30 22:47:06 enami Exp $	*/
 
 /*
  * Copyright (c) 1982, 1986, 1989, 1993
@@ -168,10 +168,12 @@ namei(ndp)
 			error = ELOOP;
 			break;
 		}
-		error = VOP_ACCESS(ndp->ni_vp, VEXEC, cnp->cn_cred,
-		    cnp->cn_proc);
-		if (error != 0)
-			break;
+		if (ndp->ni_vp->v_mount->mnt_flag & MNT_SYMPERM) {
+			error = VOP_ACCESS(ndp->ni_vp, VEXEC, cnp->cn_cred,
+			    cnp->cn_proc);
+			if (error != 0)
+				break;
+		}
 		if (ndp->ni_pathlen > 1)
 			MALLOC(cp, char *, MAXPATHLEN, M_NAMEI, M_WAITOK);
 		else

sys/kern/vfs_syscalls.c

@@ -1,4 +1,4 @@
-/*	$NetBSD: vfs_syscalls.c,v 1.105 1997/10/20 22:05:09 thorpej Exp $	*/
+/*	$NetBSD: vfs_syscalls.c,v 1.106 1997/10/30 22:47:08 enami Exp $	*/
 
 /*
  * Copyright (c) 1989, 1993
@@ -269,10 +269,10 @@ update:
 		mp->mnt_flag |= MNT_WANTRDWR;
 	mp->mnt_flag &=~ (MNT_NOSUID | MNT_NOEXEC | MNT_NODEV |
 	    MNT_SYNCHRONOUS | MNT_UNION | MNT_ASYNC | MNT_NOCOREDUMP |
-	    MNT_NOATIME);
+	    MNT_NOATIME | MNT_SYMPERM);
 	mp->mnt_flag |= SCARG(uap, flags) & (MNT_NOSUID | MNT_NOEXEC |
 	    MNT_NODEV | MNT_SYNCHRONOUS | MNT_UNION | MNT_ASYNC |
-	    MNT_NOCOREDUMP | MNT_NOATIME);
+	    MNT_NOCOREDUMP | MNT_NOATIME | MNT_SYMPERM);
 	/*
 	 * Mount the filesystem.
 	 */
@@ -1366,7 +1366,8 @@ sys_readlink(p, v, retval)
 	vp = nd.ni_vp;
 	if (vp->v_type != VLNK)
 		error = EINVAL;
-	else if ((error = VOP_ACCESS(vp, VREAD, p->p_ucred, p)) == 0) {
+	else if (!(vp->v_mount->mnt_flag & MNT_SYMPERM) ||
+	    (error = VOP_ACCESS(vp, VREAD, p->p_ucred, p)) == 0) {
 		aiov.iov_base = SCARG(uap, buf);
 		aiov.iov_len = SCARG(uap, count);
 		auio.uio_iov = &aiov;

sys/sys/mount.h

@@ -1,4 +1,4 @@
-/*	$NetBSD: mount.h,v 1.60 1997/10/19 01:37:53 fvdl Exp $	*/
+/*	$NetBSD: mount.h,v 1.61 1997/10/30 22:47:09 enami Exp $	*/
 
 /*
  * Copyright (c) 1989, 1991, 1993
@@ -135,6 +135,7 @@ struct mount {
 #define	MNT_ASYNC	0x00000040	/* file system written asynchronously */
 #define	MNT_NOCOREDUMP	0x00008000	/* don't write core dumps to this FS */
 #define MNT_NOATIME	0x04000000	/* Never update access times in fs */
+#define MNT_SYMPERM	0x20000000	/* recognize symlink permission */
 
 /*
  * exported mount flags.
@@ -156,8 +157,10 @@ struct mount {
 
 /*
  * Mask of flags that are visible to statfs()
+ * Since f_flags in struct statfs is short, this mask overflows on
+ * most architecture.  XXX.
  */
-#define	MNT_VISFLAGMASK	0x0400ffff
+#define	MNT_VISFLAGMASK	0x2400ffff
 
 /*
  * filesystem control flags.