Author: trasz
Date: Tue Apr 17 14:54:00 2012
New Revision: 234385
URL: http://svn.freebsd.org/changeset/base/234385
Log:
Fix bug where NFSv4 ACL enforcement code wouldn't unconditionally
allow the owner to read and write ACL and file attributes when there
was no entry with subject matching the owner. In other words,
'getfacl meh' shouldn't fail for the owner if the ACL looks like this:
# file: meh
# owner: trasz
# group: wheel
user:root:------a-------:------:allow
Reported by: kientzle
Modified:
head/sys/kern/subr_acl_nfs4.c
Modified: head/sys/kern/subr_acl_nfs4.c
==============================================================================
--- head/sys/kern/subr_acl_nfs4.c Tue Apr 17 14:37:29 2012
(r234384)
+++ head/sys/kern/subr_acl_nfs4.c Tue Apr 17 14:54:00 2012
(r234385)
@@ -162,6 +162,9 @@ _acl_denies(const struct acl *aclp, int
return (0);
}
+ if (access_mask == 0)
+ return (0);
+
return (1);
}
_______________________________________________
svn-src-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
