authorCasper H.S. Dik <Casper.Dik@Sun.COM>2009-05-20 10:46:07 +0200
committerCasper H.S. Dik <Casper.Dik@Sun.COM>2009-05-20 10:46:07 +0200
commit7a142be9307f4ef3f3dbe77bb364bea22cd33485 (patch)
tree2c85669da4c573f2eaa2799d80dea4bba32cc735 /usr/src
parentb0de01ca41d65f7e8fb07b234ed373daca1be8af (diff)
1187647 access(2) does not completely check the path according to real user
Diffstat (limited to 'usr/src')
-rw-r--r--usr/src/uts/common/fs/lookup.c52
-rw-r--r--usr/src/uts/common/sys/pathname.h13
-rw-r--r--usr/src/uts/common/syscall/access.c8
3 files changed, 46 insertions, 27 deletions
diff --git a/usr/src/uts/common/fs/lookup.c b/usr/src/uts/common/fs/lookup.c
index 841c1a3052..ee87647398 100644
--- a/usr/src/uts/common/fs/lookup.c
+++ b/usr/src/uts/common/fs/lookup.c
@@ -19,7 +19,7 @@
* CDDL HEADER END
*/
/*
- * Copyright 2008 Sun Microsystems, Inc. All rights reserved.
+ * Copyright 2009 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
*/
@@ -68,22 +68,23 @@ lookupname(
vnode_t **dirvpp,
vnode_t **compvpp)
{
- return (lookupnameat(fnamep, seg, followlink, dirvpp, compvpp, NULL));
+ return (lookupnameatcred(fnamep, seg, followlink, dirvpp, compvpp, NULL,
+ CRED()));
}
-
/*
* Lookup the user file name,
* Handle allocation and freeing of pathname buffer, return error.
*/
int
-lookupnameat(
+lookupnameatcred(
char *fnamep, /* user pathname */
enum uio_seg seg, /* addr space that name is in */
enum symfollow followlink, /* follow sym links */
vnode_t **dirvpp, /* ret for ptr to parent dir vnode */
vnode_t **compvpp, /* ret for ptr to component vnode */
- vnode_t *startvp) /* start path search from vp */
+ vnode_t *startvp, /* start path search from vp */
+ cred_t *cr) /* credential */
{
char namebuf[TYPICALMAXPATHLEN];
struct pathname lookpn;
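Review bot: The block comment above `lookupnameatcred` is carried over unchanged and does not mention the new `cr` argument, even though the credential is now the security-relevant input of this function. I would extend it with a line such as `* The lookup is performed with credential cr; pass CRED() to act as the calling process.` and state whether the caller keeps its own hold on `cr`, which the visible lines do not show. The function body continues past the end of this hunk.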
@@ -93,8 +94,8 @@ lookupnameat(
if (error == 0) {
if (audit_active)
audit_lookupname();
- error = lookuppnat(&lookpn, NULL, followlink,
- dirvpp, compvpp, startvp);
+ error = lookuppnatcred(&lookpn, NULL, followlink,
+ dirvpp, compvpp, startvp, cr);
}
if (error == ENAMETOOLONG) {
/*
@@ -102,17 +103,22 @@ lookupnameat(
*/
if (error = pn_get(fnamep, seg, &lookpn))
return (error);
- error = lookuppnat(&lookpn, NULL, followlink,
- dirvpp, compvpp, startvp);
+ error = lookuppnatcred(&lookpn, NULL, followlink,
+ dirvpp, compvpp, startvp, cr);
pn_free(&lookpn);
}
return (error);
}
-/*
- * Lookup the user file name from a given vp,
- */
+int
+lookupnameat(char *fnamep, enum uio_seg seg, enum symfollow followlink,
+ vnode_t **dirvpp, vnode_t **compvpp, vnode_t *startvp)
+{
+ return (lookupnameatcred(fnamep, seg, followlink, dirvpp, compvpp,
+ startvp, CRED()));
+}
+
int
lookuppn(
struct pathname *pnp,
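Review bot: The new `lookupnameat` wrapper is added without a block comment, and removing the old "from a given vp" comment leaves `lookuppn` directly below it undocumented too; the `lookuppnat` wrapper added in the last hunk of this file has the same gap. A one-line comment on each, e.g. `/* Lookup the user file name starting at startvp, using the credential of the calling process (CRED()). */`, would mark these as the default-credential entry points. It would also tell readers that `lookupnameatcred` and `lookuppnatcred` are meant for callers that must check the path against a different identity.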
@@ -121,17 +127,22 @@ lookuppn(
vnode_t **dirvpp,
vnode_t **compvpp)
{
- return (lookuppnat(pnp, rpnp, followlink, dirvpp, compvpp, NULL));
+ return (lookuppnatcred(pnp, rpnp, followlink, dirvpp, compvpp, NULL,
+ CRED()));
}
+/*
+ * Lookup the user file name from a given vp, using a specific credential.
+ */
int
-lookuppnat(
+lookuppnatcred(
struct pathname *pnp, /* pathname to lookup */
struct pathname *rpnp, /* if non-NULL, return resolved path */
enum symfollow followlink, /* (don't) follow sym links */
vnode_t **dirvpp, /* ptr for parent vnode */
vnode_t **compvpp, /* ptr for entry vnode */
- vnode_t *startvp) /* start search from this vp */
+ vnode_t *startvp, /* start search from this vp */
+ cred_t *cr) /* user credential */
{
vnode_t *vp; /* current directory vp */
vnode_t *rootvp;
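Review bot: `lookuppnatcred` accepts `cr` with no stated contract, while the wrappers in this file routinely pass NULL for the neighbouring `startvp` argument, so a caller passing NULL for `cr` to mean "default" is an easy mistake. How `lookuppnvp` treats a NULL credential is not visible here; an `ASSERT(cr != NULL);` at the top of the body would catch it in debug builds, and the new comment could say that `cr` must be non-NULL. The same applies to `lookupnameatcred`. The body of this function continues outside the hunk.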
@@ -165,7 +176,16 @@ lookuppnat(
}
return (lookuppnvp(pnp, rpnp, followlink, dirvpp,
- compvpp, rootvp, vp, CRED()));
+ compvpp, rootvp, vp, cr));
+}
+
+int
+lookuppnat(struct pathname *pnp, struct pathname *rpnp,
+ enum symfollow followlink, vnode_t **dirvpp, vnode_t **compvpp,
+ vnode_t *startvp)
+{
+ return (lookuppnatcred(pnp, rpnp, followlink, dirvpp, compvpp, startvp,
+ CRED()));
}
/* Private flag to do our getcwd() dirty work */
diff --git a/usr/src/uts/common/sys/pathname.h b/usr/src/uts/common/sys/pathname.h
index dc0fb02926..305e3cf09c 100644
--- a/usr/src/uts/common/sys/pathname.h
+++ b/usr/src/uts/common/sys/pathname.h
@@ -2,9 +2,8 @@
* CDDL HEADER START
*
* The contents of this file are subject to the terms of the
- * Common Development and Distribution License, Version 1.0 only
- * (the "License"). You may not use this file except in compliance
- * with the License.
+ * Common Development and Distribution License (the "License").
+ * You may not use this file except in compliance with the License.
*
* You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
* or http://www.opensolaris.org/os/licensing.
@@ -20,7 +19,7 @@
* CDDL HEADER END
*/
/*
- * Copyright 2004 Sun Microsystems, Inc. All rights reserved.
+ * Copyright 2009 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
*/
@@ -35,8 +34,6 @@
#ifndef _SYS_PATHNAME_H
#define _SYS_PATHNAME_H
-#pragma ident "%Z%%M% %I% %E% SMI"
-
#include <sys/vnode.h>
#include <sys/cred.h>
#include <sys/uio.h>
@@ -87,10 +84,14 @@ extern int lookupname(char *, enum uio_seg, enum symfollow,
vnode_t **, vnode_t **);
extern int lookupnameat(char *, enum uio_seg, enum symfollow,
vnode_t **, vnode_t **, vnode_t *);
+extern int lookupnameatcred(char *, enum uio_seg, enum symfollow,
+ vnode_t **, vnode_t **, vnode_t *, cred_t *);
extern int lookuppn(struct pathname *, struct pathname *, enum symfollow,
vnode_t **, vnode_t **);
extern int lookuppnat(struct pathname *, struct pathname *, enum symfollow,
vnode_t **, vnode_t **, vnode_t *);
+extern int lookuppnatcred(struct pathname *, struct pathname *, enum symfollow,
+ vnode_t **, vnode_t **, vnode_t *, cred_t *);
extern int lookuppnvp(struct pathname *, struct pathname *, int follow,
vnode_t **, vnode_t **, vnode_t *, vnode_t *, cred_t *);
diff --git a/usr/src/uts/common/syscall/access.c b/usr/src/uts/common/syscall/access.c
index 072cfb606d..c0ec42867d 100644
--- a/usr/src/uts/common/syscall/access.c
+++ b/usr/src/uts/common/syscall/access.c
@@ -19,7 +19,7 @@
* CDDL HEADER END
*/
/*
- * Copyright 2007 Sun Microsystems, Inc. All rights reserved.
+ * Copyright 2009 Sun Microsystems, Inc. All rights reserved.
* Use is subject to license terms.
*/
@@ -31,8 +31,6 @@
* under license from the Regents of the University of California.
*/
-#pragma ident "%Z%%M% %I% %E% SMI"
-
#include <sys/param.h>
#include <sys/isa_defs.h>
#include <sys/types.h>
@@ -91,8 +89,8 @@ caccess(char *fname, int fmode, vnode_t *startvp)
}
lookup:
- if (error = lookupnameat(fname, UIO_USERSPACE, FOLLOW, NULLVPP, &vp,
- startvp)) {
+ if (error = lookupnameatcred(fname, UIO_USERSPACE, FOLLOW, NULLVPP, &vp,
+ startvp, tmpcr)) {
if ((error == ESTALE) && fs_need_estale_retry(estale_retry++))
goto lookup;
if (!eok)
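Review bot: The call at the `lookup:` label now passes `tmpcr`, but nothing says why this lookup must not use the process credential, so a later cleanup could turn it back into `lookupnameat` and reintroduce the bug named in the commit title. I would add above the call `/* Resolve the path with tmpcr so that search permission on every component is checked against the same ids as the access check that follows. */`. `tmpcr` is built outside this hunk, so how it is derived and released cannot be confirmed from here. The ESTALE retry jumps back to `lookup:` and reuses the same `tmpcr`, which looks right.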