Should UID 0 or GID 0 have a special meaning in RTEMS?
Joel Sherrill
joel.sherrill at OARcorp.com
Fri Feb 17 16:31:37 UTC 2012
On 02/17/2012 10:15 AM, Sebastian Huber wrote:
> Hello,
>
> I work currently with the RTEMS file system subsystem. I want to unify the
> access checks. The question is if UID 0 or GID 0 should have a special meaning
> in RTEMS?
>
They are supposed to be root/root just like traditional UNIX and
thus would be special.
There is also a minor bug in setuid and setgid based on this paragraph
from the Linux man pages (similar verbage for setgid()):
setuid() sets the effective user ID of the calling process.
If the
effective UID of the caller is root, the real UID and saved
set-user-ID
are also set.
Our implementation of setuid() and setgid() sets the real UID and GID
all the time. It should be checking for root before doing that. It should
be setting the EUID and EGID.
Fixing this addressed some failures in the fstests. It
I had a fix to this and some fstest changes but lost then when removing
CVS trees. :( I haven't had time to revisit it.
> Do we want this
>
> bool rtems_filesystem_check_access(
> int eval_flags,
> mode_t node_mode,
> uid_t node_uid,
> gid_t node_gid
> )
> {
> mode_t perm_flags = eval_flags& RTEMS_LIBIO_PERMS_RWX;
> uid_t task_uid = geteuid();
>
> if (task_uid == 0 || task_uid == node_uid) {
> perm_flags<<= 6;
> } else {
> gid_t task_gid = getegid();
>
> if (task_gid == 0 || task_gid == node_gid) {
> perm_flags<<= 3;
> } else {
> perm_flags<<= 0;
> }
> }
>
> return (perm_flags& node_mode) == perm_flags;
> }
>
> or this
>
> bool rtems_filesystem_check_access(
> int eval_flags,
> mode_t node_mode,
> uid_t node_uid,
> gid_t node_gid
> )
> {
> mode_t perm_flags = eval_flags& RTEMS_LIBIO_PERMS_RWX;
>
> if (geteuid() == node_uid) {
> perm_flags<<= 6;
> } else if (getegid() == node_gid) {
> perm_flags<<= 3;
> } else {
> perm_flags<<= 0;
> }
>
> return (perm_flags& node_mode) == perm_flags;
> }
>
> ?
>
--
Joel Sherrill, Ph.D. Director of Research& Development
joel.sherrill at OARcorp.com On-Line Applications Research
Ask me about RTEMS: a free RTOS Huntsville AL 35805
Support Available (256) 722-9985
More information about the devel
mailing list