* [9fans] /srv modes
@ 1997-08-15 1:35 presotto
0 siblings, 0 replies; 2+ messages in thread
From: presotto @ 1997-08-15 1:35 UTC (permalink / raw)
It's clear that someone else had a similar idea. Here's the
code for srvopen/create in our current plan9 (and brazil) sources:
Chan*
srvopen(Chan *c, int omode)
{
int mode;
Srv *sp;
if(c->qid.path == CHDIR){
if(omode != OREAD)
error(Eisdir);
c->mode = omode;
c->flag |= COPEN;
c->offset = 0;
return c;
}
qlock(&srvlk);
if(waserror()){
qunlock(&srvlk);
nexterror();
}
for(sp = srv; sp; sp = sp->link)
if(sp->path == c->qid.path)
break;
if(sp == 0 || sp->chan == 0)
error(Eshutdown);
if(omode&OTRUNC)
error(Eperm);
if(omode!=sp->chan->mode && sp->chan->mode!=ORDWR)
error(Eperm);
if(strcmp(u->p->user, sp->owner) == 0) /* User */
mode = sp->perm;
else if(strcmp(u->p->user, eve) == 0) /* eve is group */
mode = sp->perm<<3;
else
mode = sp->perm<<6; /* Other */
if((mode & 0600) != 0600)
error(Eperm);
close(c);
incref(sp->chan);
qunlock(&srvlk);
poperror();
return sp->chan;
}
void
srvcreate(Chan *c, char *name, int omode, ulong perm)
{
Srv *sp;
if(omode != OWRITE)
error(Eperm);
sp = malloc(sizeof(Srv));
if(sp == 0)
error(Enomem);
qlock(&srvlk);
if(waserror()){
qunlock(&srvlk);
nexterror();
}
sp->path = path++;
sp->link = srv;
c->qid.path = sp->path;
srv = sp;
qunlock(&srvlk);
poperror();
strncpy(sp->name, name, NAMELEN);
strncpy(sp->owner, u->p->user, NAMELEN);
sp->perm = perm&0777;
c->flag |= COPEN;
c->mode = OWRITE;
}
It saves and checks the create permissions though it does require
ORDWR on the channel and the open.
------ forwarded message follows ------
>From cse.psu.edu!owner-9fans Thu Aug 14 14:16:51 EDT 1997
Received: from cse.psu.edu ([130.203.3.50]) by plan9; Thu Aug 14 14:16:51 EDT 1997
Received: from localhost (majordom@localhost) by cse.psu.edu (8.8.6/8.7.3) with SMTP id OAA11635; Thu, 14 Aug 1997 14:10:08 -0400 (EDT)
Received: by claven.cse.psu.edu (bulk_mailer v1.5); Thu, 14 Aug 1997 14:05:28 -0400
Received: (from majordom@localhost) by cse.psu.edu (8.8.6/8.7.3) id OAA11541 for 9fans-outgoing; Thu, 14 Aug 1997 14:05:23 -0400 (EDT)
X-Authentication-Warning: claven.cse.psu.edu: majordom set sender to owner-9fans using -f
Received: from ncube.com (hundl.ncube.com [134.242.5.163]) by cse.psu.edu (8.8.6/8.7.3) with SMTP id OAA11537 for <9fans@cse.psu.edu>; Thu, 14 Aug 1997 14:05:19 -0400 (EDT)
From: ncube.com!beto
Message-Id: <199708141805.OAA11537@cse.psu.edu>
Date: Thu, 14 Aug 97 10:53:35 PDT
To: cse.psu.edu!9fans
Subject: [9fans] /srv modes
Sender: cse.psu.edu!owner-9fans
Reply-To: cse.psu.edu!9fans
Precedence: bulk
Hi,
I got a question about /srv/foo access permision.
When you create a file onto /srv to post a fd, the modes
you specify during the create are not relate to the modes
that are checked during open.
During the open the modes that are check are the modes
on the referenced channel, and it check only for OREAD/OWRITE.
This makes some sense for 9P connection to servers that
provides authentication but it's a problem if you want to
do something else.
For example, it would be nice if I could post a fd for processes
running under the same uid to share. For example I could
create the file with 600, so only processes with my
uid can read/write to it.
Will it brake something if I changed devsrv.c to check first for
permission on the file and then permission on the channel?
Most fd are posted 666 (/srv/nfsserver.chat uses 600) so
they shouldn't be affected????
Any comment would be appreciated?
^ permalink raw reply [flat|nested] 2+ messages in thread
* [9fans] /srv modes
@ 1997-08-14 17:53 beto
0 siblings, 0 replies; 2+ messages in thread
From: beto @ 1997-08-14 17:53 UTC (permalink / raw)
Hi,
I got a question about /srv/foo access permision.
When you create a file onto /srv to post a fd, the modes
you specify during the create are not relate to the modes
that are checked during open.
During the open the modes that are check are the modes
on the referenced channel, and it check only for OREAD/OWRITE.
This makes some sense for 9P connection to servers that
provides authentication but it's a problem if you want to
do something else.
For example, it would be nice if I could post a fd for processes
running under the same uid to share. For example I could
create the file with 600, so only processes with my
uid can read/write to it.
Will it brake something if I changed devsrv.c to check first for
permission on the file and then permission on the channel?
Most fd are posted 666 (/srv/nfsserver.chat uses 600) so
they shouldn't be affected????
Any comment would be appreciated?
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~1997-08-15 1:35 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
1997-08-15 1:35 [9fans] /srv modes presotto
-- strict thread matches above, loose matches on Subject: below --
1997-08-14 17:53 beto
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).