Re: sysv_ipc.c broken in v1.30 (was Re: sysvshm appears broken in -current)

From: Andrey Chernov <ache_at_FreeBSD.org>
Date: Sat, 16 Dec 2006 15:51:36 +0300

On Sat, Dec 16, 2006 at 12:11:05PM +0000, Robert Watson wrote:
> >                * Always permit the creator/owner to update the object
> >                * protections regardless of whether the object mode
> >                * permits it.
> >                */
> >               if (mode & IPC_M)
> >                       return (0);
> >
> >I.e. old code does not even check for IPC_W or IPC_R in case of IPC_M presence.
> 
> Is this conclusion a supposition or the result of testing?  Could you test 
> and see if this is true?

It comes just from code reading. First check for owner and next check for 
IPC_M bit _only_ (no other bits!) then return (0) i.e. success.

> >Moreover, old code allows _anything_ for suser:

> The new code should also allow anything, as long as the bits passed into 
> ipcperm() as requested modes are valid.  There's certainly a bug here 

I mean anything for suser ignoring completely any modes passed.
I.e. no EACCES should happen for suser in _any_ mode combination.

-- 
http://ache.pp.ru/
Received on Sat Dec 16 2006 - 11:51:39 UTC
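
The two behaviours described in the message above (an owner request carrying IPC_M succeeds without IPC_R/IPC_W being examined, and suser is never refused) can be checked over every mode combination with a small user-space model. This is an added example, not part of the original message and not the FreeBSD source: the struct and function names are hypothetical, and the non-owner branch (EPERM for IPC_M, group/other bit shifting) is an assumption.

```c
#include <errno.h>
#include <stdio.h>

/* Bit values as in FreeBSD <sys/ipc.h>, redefined so the model builds anywhere. */
#define M_IPC_R 000400
#define M_IPC_W 000200
#define M_IPC_M 010000

/* Hypothetical stand-ins for the kernel credential and struct ipc_perm. */
struct model_cred { unsigned uid, gid; int is_suser; };
struct model_perm { unsigned cuid, uid, cgid, gid; int mode; };

/* Model of the old check as read in the message; non-owner branch is assumed. */
int model_old_ipcperm(const struct model_cred *c, const struct model_perm *p, int mode)
{
	if (c->uid != p->cuid && c->uid != p->uid) {
		if (mode & M_IPC_M)              /* assumed: only suser may change it */
			return (c->is_suser ? 0 : EPERM);
		mode >>= 3;                      /* group bits */
		if (c->gid != p->gid && c->gid != p->cgid)
			mode >>= 3;                  /* other bits */
	}
	if (mode & M_IPC_M)                  /* owner: IPC_R/IPC_W never examined */
		return (0);
	return (((mode & p->mode) == mode || c->is_suser) ? 0 : EACCES);
}

/* Count denied requests over every non-empty combination of the three bits. */
int model_count_denials(const struct model_cred *c, const struct model_perm *p)
{
	static const int bits[] = { M_IPC_R, M_IPC_W, M_IPC_M };
	int denied = 0;
	for (int combo = 1; combo < 8; combo++) {
		int mode = 0;
		for (int b = 0; b < 3; b++)
			if (combo & (1 << b))
				mode |= bits[b];
		if (model_old_ipcperm(c, p, mode) != 0)
			denied++;
	}
	return (denied);
}

int main(void)
{
	struct model_perm p = { 1001, 1001, 1001, 1001, 0 };  /* constructed: mode 0 */
	struct model_cred root = { 0, 0, 1 }, owner = { 1001, 1001, 0 }, other = { 2002, 2002, 0 };
	printf("suser=%d owner=%d other=%d\n", model_count_denials(&root, &p),
	    model_count_denials(&owner, &p), model_count_denials(&other, &p));
	return (0);
}
```

Running the same loop against a candidate replacement check gives a quick regression test for the "no EACCES for suser" property.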
