> I don't think it much matters which of these criteria we use.
>
> If pfinet's style is preferable, then it should at least consistently track
> the st_uid/st_gid of the underlying node if it passes through changes (as
> trivfs filesystems usually do). Thus the interface in my example code
>
> e.g. diskfs_S_file_chown would look like this:
>
> err = fshelp_isroot (&diskfs_underlying_stat, cred->user);
> if (!err)
> {
>err = fshelp_isowner (&np->dn_stat, cred->user);
>if (!err
> && ((uid != (uid_t) -1
> && !idvec_contains (cred->us
> > I'd like to have this same single checking function used for all the
> > control-the-world permission checks. This includes all the "isroot"
> > settings used in trivfs and term and so forth, and also the more detailed
> > checks in things like chown. In keeping with fshelp_isowner, it might
> I'd like to have this same single checking function used for all the
> control-the-world permission checks. This includes all the "isroot"
> settings used in trivfs and term and so forth, and also the more detailed
> checks in things like chown. In keeping with fshelp_isowner, it might be
> na
I am glad that you have taken a crack at this issue. But I would like to
see a more comprehensive solution that ties up all the code related to this.
I'd like to have this same single checking function used for all the
control-the-world permission checks. This includes all the "isroot"
settings
At the moment, libdiskfs, libnetfs and libtrivfs will only give the
control port to root (Cf. lib{disk,net,triv}fs/file-getcontrol.c).
This is inherently wrong: a user should be able to get the control
port to a file system if they can send a signal to the process, etc.
Thus, this patch introduce
