From: Frank van Maarseveen <frankvm@xs4all.nl>
To: Trond Myklebust <trond.myklebust@fys.uio.no>
Cc: Linux NFS mailing list <nfs@lists.sourceforge.net>
Subject: [PATCH 3/3 2.6.9-rc2] remove broken_suid mount option (last part)
Date: Thu, 16 Sep 2004 01:51:10 +0200 [thread overview]
Message-ID: <20040915235110.GC23903@janus> (raw)
This gave me some thinking. But it seems that without this patch the only
difference would be that processes with different real uid/gid would get
different credentials internally only. It would not make any difference
from what the server would see since we ultimately send fsuid/fsgid only
(and of course the grouplist).
Signed-off-by: Frank van Maarseveen <frankvm@xs4all.nl>
--- d2/net/sunrpc/auth_unix.c.orig 2004-09-15 21:54:27.000000000 +0200
+++ d2/net/sunrpc/auth_unix.c 2004-09-15 23:02:25.000000000 +0200
@@ -17,8 +17,6 @@
struct unx_cred {
struct rpc_cred uc_base;
gid_t uc_gid;
- uid_t uc_puid; /* process uid */
- gid_t uc_pgid; /* process gid */
gid_t uc_gids[RPC_MAXGROUPS];
};
#define uc_uid uc_base.cr_uid
@@ -76,8 +74,8 @@
atomic_set(&cred->uc_count, 0);
cred->uc_flags = RPCAUTH_CRED_UPTODATE;
if (flags & RPC_TASK_ROOTCREDS) {
- cred->uc_uid = cred->uc_puid = 0;
- cred->uc_gid = cred->uc_pgid = 0;
+ cred->uc_uid = 0;
+ cred->uc_gid = 0;
cred->uc_gids[0] = NOGROUP;
} else {
int groups = acred->group_info->ngroups;
@@ -86,8 +84,6 @@
cred->uc_uid = acred->uid;
cred->uc_gid = acred->gid;
- cred->uc_puid = current->uid;
- cred->uc_pgid = current->gid;
for (i = 0; i < groups; i++)
cred->uc_gids[i] = GROUP_AT(acred->group_info, i);
if (i < RPC_MAXGROUPS)
@@ -119,9 +115,7 @@
int groups;
if (cred->uc_uid != acred->uid
- || cred->uc_gid != acred->gid
- || cred->uc_puid != current->uid
- || cred->uc_pgid != current->gid)
+ || cred->uc_gid != acred->gid)
return 0;
groups = acred->group_info->ngroups;
@@ -132,8 +126,8 @@
return 0;
return 1;
}
- return (cred->uc_uid == 0 && cred->uc_puid == 0
- && cred->uc_gid == 0 && cred->uc_pgid == 0
+ return (cred->uc_uid == 0
+ && cred->uc_gid == 0
&& cred->uc_gids[0] == (gid_t) NOGROUP);
}
--
Frank
-------------------------------------------------------
This SF.Net email is sponsored by: thawte's Crypto Challenge Vl
Crack the code and win a Sony DCRHC40 MiniDV Digital Handycam
Camcorder. More prizes in the weekly Lunch Hour Challenge.
Sign up NOW http://ad.doubleclick.net/clk;10740251;10262165;m
_______________________________________________
NFS maillist - NFS@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nfs
reply other threads:[~2004-09-15 23:51 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20040915235110.GC23903@janus \
--to=frankvm@xs4all.nl \
--cc=nfs@lists.sourceforge.net \
--cc=trond.myklebust@fys.uio.no \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.