From mboxrd@z Thu Jan 1 00:00:00 1970 Date: Thu, 14 Aug 1997 21:35:54 -0400 From: presotto@plan9.bell-labs.com presotto@plan9.bell-labs.com Subject: [9fans] /srv modes Topicbox-Message-UUID: 5ec732a4-eac8-11e9-9e20-41e7f4b1d025 Message-ID: <19970815013554.ZI_f3cTOUeSdd86Nr_bZG4wEancMf0seOuSxEQKzQEM@z> It's clear that someone else had a similar idea. Here's the code for srvopen/create in our current plan9 (and brazil) sources: Chan* srvopen(Chan *c, int omode) { int mode; Srv *sp; if(c->qid.path == CHDIR){ if(omode != OREAD) error(Eisdir); c->mode = omode; c->flag |= COPEN; c->offset = 0; return c; } qlock(&srvlk); if(waserror()){ qunlock(&srvlk); nexterror(); } for(sp = srv; sp; sp = sp->link) if(sp->path == c->qid.path) break; if(sp == 0 || sp->chan == 0) error(Eshutdown); if(omode&OTRUNC) error(Eperm); if(omode!=sp->chan->mode && sp->chan->mode!=ORDWR) error(Eperm); if(strcmp(u->p->user, sp->owner) == 0) /* User */ mode = sp->perm; else if(strcmp(u->p->user, eve) == 0) /* eve is group */ mode = sp->perm<<3; else mode = sp->perm<<6; /* Other */ if((mode & 0600) != 0600) error(Eperm); close(c); incref(sp->chan); qunlock(&srvlk); poperror(); return sp->chan; } void srvcreate(Chan *c, char *name, int omode, ulong perm) { Srv *sp; if(omode != OWRITE) error(Eperm); sp = malloc(sizeof(Srv)); if(sp == 0) error(Enomem); qlock(&srvlk); if(waserror()){ qunlock(&srvlk); nexterror(); } sp->path = path++; sp->link = srv; c->qid.path = sp->path; srv = sp; qunlock(&srvlk); poperror(); strncpy(sp->name, name, NAMELEN); strncpy(sp->owner, u->p->user, NAMELEN); sp->perm = perm&0777; c->flag |= COPEN; c->mode = OWRITE; } It saves and checks the create permissions though it does require ORDWR on the channel and the open. ------ forwarded message follows ------ >>From cse.psu.edu!owner-9fans Thu Aug 14 14:16:51 EDT 1997 Received: from cse.psu.edu ([130.203.3.50]) by plan9; Thu Aug 14 14:16:51 EDT 1997 Received: from localhost (majordom@localhost) by cse.psu.edu (8.8.6/8.7.3) with SMTP id OAA11635; Thu, 14 Aug 1997 14:10:08 -0400 (EDT) Received: by claven.cse.psu.edu (bulk_mailer v1.5); Thu, 14 Aug 1997 14:05:28 -0400 Received: (from majordom@localhost) by cse.psu.edu (8.8.6/8.7.3) id OAA11541 for 9fans-outgoing; Thu, 14 Aug 1997 14:05:23 -0400 (EDT) X-Authentication-Warning: claven.cse.psu.edu: majordom set sender to owner-9fans using -f Received: from ncube.com (hundl.ncube.com [134.242.5.163]) by cse.psu.edu (8.8.6/8.7.3) with SMTP id OAA11537 for <9fans@cse.psu.edu>; Thu, 14 Aug 1997 14:05:19 -0400 (EDT) From: ncube.com!beto Message-Id: <199708141805.OAA11537@cse.psu.edu> Date: Thu, 14 Aug 97 10:53:35 PDT To: cse.psu.edu!9fans Subject: [9fans] /srv modes Sender: cse.psu.edu!owner-9fans Reply-To: cse.psu.edu!9fans Precedence: bulk Hi, I got a question about /srv/foo access permision. When you create a file onto /srv to post a fd, the modes you specify during the create are not relate to the modes that are checked during open. During the open the modes that are check are the modes on the referenced channel, and it check only for OREAD/OWRITE. This makes some sense for 9P connection to servers that provides authentication but it's a problem if you want to do something else. For example, it would be nice if I could post a fd for processes running under the same uid to share. For example I could create the file with 600, so only processes with my uid can read/write to it. Will it brake something if I changed devsrv.c to check first for permission on the file and then permission on the channel? Most fd are posted 666 (/srv/nfsserver.chat uses 600) so they shouldn't be affected???? Any comment would be appreciated?