On Sun, Feb 27, 2011 at 07:12:16PM -0500, Christos Zoulas wrote:
> don't depend on F_OK being 0.
> :
> - if ((SCARG(uap, flags) & ~(R_OK | W_OK | X_OK)) != 0) {
> + if ((SCARG(uap, flags) & ~(F_OK | R_OK | W_OK | X_OK)) != 0) {
That doesn't work; if F_OK isn't zero and the user passes 0, we end up
in the kauth assertion again.
mlelstv and I were just (more or less pointlessly) thrashing out
various ways to fix that in chat, but it ends up overcomplicated, so I
suggest reverting the above and instead adding
+ CTASSERT(F_OK == 0);
if ((SCARG(uap, flags) & ~(R_OK | W_OK | X_OK)) != 0) {
so that if in the unlikely event that anyone ever tries to change F_OK
it will then get further attention.
--
David A. Holland
dholl...@netbsd.org
