| vfs_acl.c (91406) | vfs_acl.c (92666) |
|---|---|
| 1/*- 2 * Copyright (c) 1999-2001 Robert N. M. Watson 3 * All rights reserved. 4 * 5 * This software was developed by Robert Watson for the TrustedBSD Project. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions --- 11 unchanged lines hidden (view full) --- 20 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 21 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 22 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 23 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 24 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 25 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 26 * SUCH DAMAGE. 27 * | 1/*- 2 * Copyright (c) 1999-2001 Robert N. M. Watson 3 * All rights reserved. 4 * 5 * This software was developed by Robert Watson for the TrustedBSD Project. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions --- 11 unchanged lines hidden (view full) --- 20 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 21 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 22 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 23 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 24 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 25 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 26 * SUCH DAMAGE. 27 * |
| 28 * $FreeBSD: head/sys/kern/vfs_acl.c 91406 2002-02-27 18:32:23Z jhb $ | 28 * $FreeBSD: head/sys/kern/vfs_acl.c 92666 2002-03-19 11:02:06Z peter $ |
| 29 */ 30/* 31 * Developed by the TrustedBSD Project. 32 * Support for POSIX.1e access control lists. 33 */ 34 35#include "opt_cap.h" 36 --- 116 unchanged lines hidden (view full) --- 153 acl_mask = &acl->acl_entry[i]; 154 break; 155 156 case ACL_OTHER: 157 acl_other = &acl->acl_entry[i]; 158 break; 159 160 default: | 29 */ 30/* 31 * Developed by the TrustedBSD Project. 32 * Support for POSIX.1e access control lists. 33 */ 34 35#include "opt_cap.h" 36 --- 116 unchanged lines hidden (view full) --- 153 acl_mask = &acl->acl_entry[i]; 154 break; 155 156 case ACL_OTHER: 157 acl_other = &acl->acl_entry[i]; 158 break; 159 160 default: |
| 161 break; |
|
| 161 } 162 } 163 164 /* 165 * An ACL_OTHER entry should always exist in a valid access 166 * ACL. If it doesn't, then generate a serious failure. For now, 167 * this means a debugging message and EPERM, but in the future 168 * should probably be a panic. --- 100 unchanged lines hidden (view full) --- 269 270 if ((acc_mode & dac_granted) == acc_mode) 271 return (0); 272 273 group_matched = 1; 274 break; 275 276 default: | 162 } 163 } 164 165 /* 166 * An ACL_OTHER entry should always exist in a valid access 167 * ACL. If it doesn't, then generate a serious failure. For now, 168 * this means a debugging message and EPERM, but in the future 169 * should probably be a panic. --- 100 unchanged lines hidden (view full) --- 270 271 if ((acc_mode & dac_granted) == acc_mode) 272 return (0); 273 274 group_matched = 1; 275 break; 276 277 default: |
| 278 break; |
|
| 277 } 278 } 279 280 if (group_matched == 1) { 281 /* 282 * There was a match, but it did not grant rights via 283 * pure DAC. Try again, this time with privilege. 284 */ --- 36 unchanged lines hidden (view full) --- 321 acc_mode) 322 break; 323 324 if (privused != NULL) 325 *privused = 1; 326 return (0); 327 328 default: | 279 } 280 } 281 282 if (group_matched == 1) { 283 /* 284 * There was a match, but it did not grant rights via 285 * pure DAC. Try again, this time with privilege. 286 */ --- 36 unchanged lines hidden (view full) --- 323 acc_mode) 324 break; 325 326 if (privused != NULL) 327 *privused = 1; 328 return (0); 329 330 default: |
| 331 break; |
|
| 329 } 330 } 331 /* 332 * Even with privilege, group membership was not sufficient. 333 * Return failure. 334 */ 335 goto error; 336 } --- 493 unchanged lines hidden --- | 332 } 333 } 334 /* 335 * Even with privilege, group membership was not sufficient. 336 * Return failure. 337 */ 338 goto error; 339 } --- 493 unchanged lines hidden --- |