From: Frank van Maarseveen <frankvm@xs4all.nl>
To: Trond Myklebust <trond.myklebust@fys.uio.no>
Cc: Linux NFS mailing list <nfs@lists.sourceforge.net>
Subject: [PATCH 3/3 2.6.9-rc2] remove broken_suid mount option (last part)
Date: Thu, 16 Sep 2004 01:51:10 +0200 [thread overview]
Message-ID: <20040915235110.GC23903@janus> (raw)
This gave me some thinking. But it seems that without this patch the only
difference would be that processes with different real uid/gid would get
different credentials internally only. It would not make any difference
from what the server would see since we ultimately send fsuid/fsgid only
(and of course the grouplist).
Signed-off-by: Frank van Maarseveen <frankvm@xs4all.nl>
--- d2/net/sunrpc/auth_unix.c.orig 2004-09-15 21:54:27.000000000 +0200
+++ d2/net/sunrpc/auth_unix.c 2004-09-15 23:02:25.000000000 +0200
@@ -17,8 +17,6 @@
struct unx_cred {
struct rpc_cred uc_base;
gid_t uc_gid;
- uid_t uc_puid; /* process uid */
- gid_t uc_pgid; /* process gid */
gid_t uc_gids[RPC_MAXGROUPS];
};
#define uc_uid uc_base.cr_uid
@@ -76,8 +74,8 @@
atomic_set(&cred->uc_count, 0);
cred->uc_flags = RPCAUTH_CRED_UPTODATE;
if (flags & RPC_TASK_ROOTCREDS) {
- cred->uc_uid = cred->uc_puid = 0;
- cred->uc_gid = cred->uc_pgid = 0;
+ cred->uc_uid = 0;
+ cred->uc_gid = 0;
cred->uc_gids[0] = NOGROUP;
} else {
int groups = acred->group_info->ngroups;
@@ -86,8 +84,6 @@
cred->uc_uid = acred->uid;
cred->uc_gid = acred->gid;
- cred->uc_puid = current->uid;
- cred->uc_pgid = current->gid;
for (i = 0; i < groups; i++)
cred->uc_gids[i] = GROUP_AT(acred->group_info, i);
if (i < RPC_MAXGROUPS)
@@ -119,9 +115,7 @@
int groups;
if (cred->uc_uid != acred->uid
- || cred->uc_gid != acred->gid
- || cred->uc_puid != current->uid
- || cred->uc_pgid != current->gid)
+ || cred->uc_gid != acred->gid)
return 0;
groups = acred->group_info->ngroups;
@@ -132,8 +126,8 @@
return 0;
return 1;
}
- return (cred->uc_uid == 0 && cred->uc_puid == 0
- && cred->uc_gid == 0 && cred->uc_pgid == 0
+ return (cred->uc_uid == 0
+ && cred->uc_gid == 0
&& cred->uc_gids[0] == (gid_t) NOGROUP);
}
--
Frank
-------------------------------------------------------
This SF.Net email is sponsored by: thawte's Crypto Challenge Vl
Crack the code and win a Sony DCRHC40 MiniDV Digital Handycam
Camcorder. More prizes in the weekly Lunch Hour Challenge.
Sign up NOW http://ad.doubleclick.net/clk;10740251;10262165;m
_______________________________________________
NFS maillist - NFS@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nfs
reply other threads:[~2004-09-15 23:51 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20040915235110.GC23903@janus \
--to=frankvm@xs4all.nl \
--cc=nfs@lists.sourceforge.net \
--cc=trond.myklebust@fys.uio.no \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox