1258945Sroberto/* 2258945Sroberto * Copyright (C) 2004, 2005, 2007 Internet Systems Consortium, Inc. ("ISC") 3258945Sroberto * Copyright (C) 2000, 2001 Internet Software Consortium. 4258945Sroberto * 5258945Sroberto * Permission to use, copy, modify, and/or distribute this software for any 6258945Sroberto * purpose with or without fee is hereby granted, provided that the above 7258945Sroberto * copyright notice and this permission notice appear in all copies. 8258945Sroberto * 9258945Sroberto * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH 10258945Sroberto * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY 11258945Sroberto * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT, 12258945Sroberto * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM 13258945Sroberto * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE 14258945Sroberto * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR 15258945Sroberto * PERFORMANCE OF THIS SOFTWARE. 16258945Sroberto */ 17258945Sroberto 18258945Sroberto/* $Id: fsaccess.c,v 1.10 2007/06/19 23:47:17 tbox Exp $ */ 19258945Sroberto 20258945Sroberto/*! \file 21258945Sroberto * \brief 22258945Sroberto * This file contains the OS-independent functionality of the API. 23258945Sroberto */ 24258945Sroberto#include <isc/fsaccess.h> 25258945Sroberto#include <isc/result.h> 26258945Sroberto#include <isc/util.h> 27258945Sroberto 28258945Sroberto/*! 29258945Sroberto * Shorthand. Maybe ISC__FSACCESS_PERMISSIONBITS should not even be in 30258945Sroberto * <isc/fsaccess.h>. Could check consistency with sizeof(isc_fsaccess_t) 31258945Sroberto * and the number of bits in each function. 32258945Sroberto */ 33258945Sroberto#define STEP (ISC__FSACCESS_PERMISSIONBITS) 34258945Sroberto#define GROUP (STEP) 35258945Sroberto#define OTHER (STEP * 2) 36258945Sroberto 37258945Srobertovoid 38258945Srobertoisc_fsaccess_add(int trustee, int permission, isc_fsaccess_t *access) { 39258945Sroberto REQUIRE(trustee <= 0x7); 40258945Sroberto REQUIRE(permission <= 0xFF); 41258945Sroberto 42258945Sroberto if ((trustee & ISC_FSACCESS_OWNER) != 0) 43258945Sroberto *access |= permission; 44258945Sroberto 45258945Sroberto if ((trustee & ISC_FSACCESS_GROUP) != 0) 46258945Sroberto *access |= (permission << GROUP); 47258945Sroberto 48258945Sroberto if ((trustee & ISC_FSACCESS_OTHER) != 0) 49258945Sroberto *access |= (permission << OTHER); 50258945Sroberto} 51258945Sroberto 52258945Srobertovoid 53258945Srobertoisc_fsaccess_remove(int trustee, int permission, isc_fsaccess_t *access) { 54258945Sroberto REQUIRE(trustee <= 0x7); 55258945Sroberto REQUIRE(permission <= 0xFF); 56258945Sroberto 57258945Sroberto 58258945Sroberto if ((trustee & ISC_FSACCESS_OWNER) != 0) 59258945Sroberto *access &= ~permission; 60258945Sroberto 61258945Sroberto if ((trustee & ISC_FSACCESS_GROUP) != 0) 62258945Sroberto *access &= ~(permission << GROUP); 63258945Sroberto 64258945Sroberto if ((trustee & ISC_FSACCESS_OTHER) != 0) 65258945Sroberto *access &= ~(permission << OTHER); 66258945Sroberto} 67258945Sroberto 68258945Srobertostatic isc_result_t 69258945Srobertocheck_bad_bits(isc_fsaccess_t access, isc_boolean_t is_dir) { 70258945Sroberto isc_fsaccess_t bits; 71258945Sroberto 72258945Sroberto /* 73258945Sroberto * Check for disallowed user bits. 74258945Sroberto */ 75258945Sroberto if (is_dir) 76258945Sroberto bits = ISC_FSACCESS_READ | 77258945Sroberto ISC_FSACCESS_WRITE | 78258945Sroberto ISC_FSACCESS_EXECUTE; 79258945Sroberto else 80258945Sroberto bits = ISC_FSACCESS_CREATECHILD | 81258945Sroberto ISC_FSACCESS_ACCESSCHILD | 82258945Sroberto ISC_FSACCESS_DELETECHILD | 83258945Sroberto ISC_FSACCESS_LISTDIRECTORY; 84258945Sroberto 85258945Sroberto /* 86258945Sroberto * Set group bad bits. 87258945Sroberto */ 88258945Sroberto bits |= bits << STEP; 89258945Sroberto /* 90258945Sroberto * Set other bad bits. 91258945Sroberto */ 92258945Sroberto bits |= bits << STEP; 93258945Sroberto 94258945Sroberto if ((access & bits) != 0) { 95258945Sroberto if (is_dir) 96258945Sroberto return (ISC_R_NOTFILE); 97258945Sroberto else 98258945Sroberto return (ISC_R_NOTDIRECTORY); 99258945Sroberto } 100258945Sroberto 101258945Sroberto return (ISC_R_SUCCESS); 102258945Sroberto} 103