On Sun, 2005-11-13 at 05:06 +0000, Lorenzo Hernandez Garcia-Hierro
wrote:
> + /* generic check for getattr/setattr ioctls */
> + if ((_IOC_DIR(cmd) & _IOC_READ)) {
> + file_has_perm(current, file, FILE__GETATTR);
Return value ignored, and it will fall through to the default case of
the switch statement.
> + } else if ((_IOC_DIR(cmd) & _IOC_WRITE)) {
> + file_has_perm(current, file, FILE__SETATTR);
> + }
Ditto.
What if the ioctl command has both read and write directions? Better to
construct an access vector with all appropriate permissions and then
call file_has_perm once and return its value.
_IOC_NONE case should likely trigger a file_has_perm(current, file, 0);
> + switch (cmd) {
> /* sys_ioctl() checks */
> case FIONBIO:
> /* fall through */
What _IOC_DIR is associated with the remaining generic ioctls here?
Naturally, this change needs extensive testing to assess its impact on
policy.
--
Stephen Smalley
National Security Agency
This archive was generated by hypermail 2.1.3 : Mon Nov 14 2005 - 06:49:20 PST