fsaccess.c revision 290001 
1/*
2 * Copyright (C) 2004, 2005, 2007  Internet Systems Consortium, Inc. ("ISC")
3 * Copyright (C) 2000, 2001  Internet Software Consortium.
4 *
5 * Permission to use, copy, modify, and/or distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
10 * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
11 * AND FITNESS.  IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
12 * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
13 * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
14 * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
15 * PERFORMANCE OF THIS SOFTWARE.
16 */
17
18/* $Id: fsaccess.c,v 1.10 2007/06/19 23:47:17 tbox Exp $ */
19
20/*! \file
21 * \brief
22 * This file contains the OS-independent functionality of the API.
23 */
24#include <isc/fsaccess.h>
25#include <isc/result.h>
26#include <isc/util.h>
27
28/*!
29 * Shorthand.  Maybe ISC__FSACCESS_PERMISSIONBITS should not even be in
30 * <isc/fsaccess.h>.  Could check consistency with sizeof(isc_fsaccess_t)
31 * and the number of bits in each function.
32 */
33#define STEP		(ISC__FSACCESS_PERMISSIONBITS)
34#define GROUP		(STEP)
35#define OTHER		(STEP * 2)
36
37void
38isc_fsaccess_add(int trustee, int permission, isc_fsaccess_t *access) {
39	REQUIRE(trustee <= 0x7);
40	REQUIRE(permission <= 0xFF);
41
42	if ((trustee & ISC_FSACCESS_OWNER) != 0)
43		*access |= permission;
44
45	if ((trustee & ISC_FSACCESS_GROUP) != 0)
46		*access |= (permission << GROUP);
47
48	if ((trustee & ISC_FSACCESS_OTHER) != 0)
49		*access |= (permission << OTHER);
50}
51
52void
53isc_fsaccess_remove(int trustee, int permission, isc_fsaccess_t *access) {
54	REQUIRE(trustee <= 0x7);
55	REQUIRE(permission <= 0xFF);
56
57
58	if ((trustee & ISC_FSACCESS_OWNER) != 0)
59		*access &= ~permission;
60
61	if ((trustee & ISC_FSACCESS_GROUP) != 0)
62		*access &= ~(permission << GROUP);
63
64	if ((trustee & ISC_FSACCESS_OTHER) != 0)
65		*access &= ~(permission << OTHER);
66}
67
68static isc_result_t
69check_bad_bits(isc_fsaccess_t access, isc_boolean_t is_dir) {
70	isc_fsaccess_t bits;
71
72	/*
73	 * Check for disallowed user bits.
74	 */
75	if (is_dir)
76		bits = ISC_FSACCESS_READ |
77		       ISC_FSACCESS_WRITE |
78		       ISC_FSACCESS_EXECUTE;
79	else
80		bits = ISC_FSACCESS_CREATECHILD |
81		       ISC_FSACCESS_ACCESSCHILD |
82		       ISC_FSACCESS_DELETECHILD |
83		       ISC_FSACCESS_LISTDIRECTORY;
84
85	/*
86	 * Set group bad bits.
87	 */
88	bits |= bits << STEP;
89	/*
90	 * Set other bad bits.
91	 */
92	bits |= bits << STEP;
93
94	if ((access & bits) != 0) {
95		if (is_dir)
96			return (ISC_R_NOTFILE);
97		else
98			return (ISC_R_NOTDIRECTORY);
99	}
100
101	return (ISC_R_SUCCESS);
102}
103