On Sat, Dec 16, 2006 at 11:25:55AM +0000, Robert Watson wrote: > Yes, you can find the details in kern/106078. > > The thrust of the problem is that applications apparently pass access mode > arguments to shmget() in situations other than file creation, which isn't > documented in the spec. I've been doing a bit of on-and-off research on > this, but need to do some more before I'm ready to change our > implementation to simply ignore the argument. I hope to look at it again > this week sometime; it's unclear to me what applications are trying to > accomplish with the mode field in the non-IPC_CREAT case, and none of the > man pages and documentation I've found on various UNIX systems to date > suggest anything in particular. See t-shm.c code in either dk-milter or dkim-milter to gather the sample of operation. Those test written in way to be passed in all sysv ipc conformant machines. Which isn't our FreeBSD now :( I think removing that old code is the root of the problem: * Always permit the creator/owner to update the object * protections regardless of whether the object mode * permits it. */ if (mode & IPC_M) return (0); I.e. old code not even check for IPC_W or IPC_R in case of IPC_M presense. Moreover, old code allows _anything_ for suser: if ((mode & perm->mode) != mode) { if (suser(td) != 0) return (EACCES); } > >On Sat, Dec 16, 2006 at 08:59:03AM +0300, Andrey Chernov wrote: > >>It seems shm is broken in very recent -current. > >>Trying to build dkim-milter or dk-milter port (from root, of course) I > >>got: > >> > >>./t-shm > >>shmget: Permission denied > >>^^^^^^^^^^^^^^^^^^^^^^^^^^^^ > >>shminit failed: Permission denied > >>1..bad! t-shm.c:260 r == 0 > >>add -DSM_CONF_SHM=0 to confENVDEF in devtools/Site/site.config.m4 > >>and start over. > >>0 of 1 tests completed successfully > >>*** 1 error in test! *** > >>2..bad! t-shm.c:177 cnt <= MAX_CNT > >>add -DSM_CONF_SHM=0 to confENVDEF in devtools/Site/site.config.m4 > >>and start over. > >>4 of 5 tests completed successfully > >>*** 1 error in test! *** > > > > > >-- > >http://ache.pp.ru/ > > -- http://ache.pp.ru/Received on Sat Dec 16 2006 - 10:44:28 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:39:04 UTC