summaryrefslogtreecommitdiff
path: root/libdiskfs/file-chflags.c
diff options
context:
space:
mode:
authorJustus Winter <4winter@informatik.uni-hamburg.de>2014-06-10 14:22:31 +0200
committerJustus Winter <4winter@informatik.uni-hamburg.de>2014-06-18 15:57:00 +0200
commit944cfdbe6cff4e8025a730228b48c1a21b4a2e33 (patch)
tree32accaee79c274514ead2fadd1a9975b2000fe8b /libdiskfs/file-chflags.c
parent8821d8a213008eb723414c6c70de384830ea10d7 (diff)
libdiskfs: add permission check to file_chflags
Only root is allowed to change the high 16 bits. The TODO entry says otherwise, but that must be a mistake. For reference, see the glibc sources, sysdeps/mach/hurd/bits/stat.h. * libdiskfs/file-chflags.c (diskfs_S_file_chflags): Add permission check. * TODO (libdiskfs): Remove entry.
Diffstat (limited to 'libdiskfs/file-chflags.c')
-rw-r--r--libdiskfs/file-chflags.c8
1 files changed, 8 insertions, 0 deletions
diff --git a/libdiskfs/file-chflags.c b/libdiskfs/file-chflags.c
index 01dc495c..a29ff07c 100644
--- a/libdiskfs/file-chflags.c
+++ b/libdiskfs/file-chflags.c
@@ -23,8 +23,15 @@ kern_return_t
diskfs_S_file_chflags (struct protid *cred,
int flags)
{
+#define HI(X) ((X) & 0xffff0000u)
CHANGE_NODE_FIELD (cred,
({
+ /* Only root is allowed to change the high 16
+ bits. */
+ if ((HI (flags) != HI (np->dn_stat.st_flags))
+ && ! idvec_contains (cred->user->uids, 0))
+ return EPERM;
+
err = fshelp_isowner (&np->dn_stat, cred->user);
if (!err)
err = diskfs_validate_flags_change (np, flags);
@@ -37,4 +44,5 @@ diskfs_S_file_chflags (struct protid *cred,
diskfs_notice_filechange(np, FILE_CHANGED_META,
0, 0);
}));
+#undef HI
}