[rtems commit] Filesystem: Remove superfluous permission checks

Sebastian Huber sebh at rtems.org
Tue Jan 5 13:29:40 UTC 2016 

Module:    rtems
Branch:    master
Commit:    f9f7321e0a7d6f1178687668bec7fe2edb378d42
Changeset: http://git.rtems.org/rtems/commit/?id=f9f7321e0a7d6f1178687668bec7fe2edb378d42

Author:    Sebastian Huber <sebastian.huber at embedded-brains.de>
Date:      Tue Dec 22 07:56:57 2015 +0100

Filesystem: Remove superfluous permission checks

The permission is check by the upper layer.

---

 cpukit/libfs/src/imfs/imfs_chown.c     | 16 +---------------
 cpukit/libfs/src/rfs/rtems-rfs-rtems.c | 17 -----------------
 testsuites/fstests/fspermission/test.c | 20 ++++++++++++++++++++
 testsuites/psxtests/psximfs02/init.c   |  5 -----
 4 files changed, 21 insertions(+), 37 deletions(-)

diff --git a/cpukit/libfs/src/imfs/imfs_chown.c b/cpukit/libfs/src/imfs/imfs_chown.c
index 9f96133..ca48eee 100644
--- a/cpukit/libfs/src/imfs/imfs_chown.c
+++ b/cpukit/libfs/src/imfs/imfs_chown.c
@@ -30,24 +30,10 @@ int IMFS_chown(
   gid_t group
 )
 {
-  IMFS_jnode_t  *jnode;
-#if defined(RTEMS_POSIX_API)
-  uid_t          st_uid;
-#endif
+  IMFS_jnode_t *jnode;
 
   jnode = (IMFS_jnode_t *) loc->node_access;
 
-  /*
-   *  Verify I am the owner of the node or the super user.
-   */
-
-#if defined(RTEMS_POSIX_API)
-  st_uid = geteuid();
-
-  if ( ( st_uid != jnode->st_uid ) && ( st_uid != 0 ) )
-    rtems_set_errno_and_return_minus_one( EPERM );
-#endif
-
   jnode->st_uid = owner;
   jnode->st_gid = group;
 
diff --git a/cpukit/libfs/src/rfs/rtems-rfs-rtems.c b/cpukit/libfs/src/rfs/rtems-rfs-rtems.c
index a0ade04..d3393d6 100644
--- a/cpukit/libfs/src/rfs/rtems-rfs-rtems.c
+++ b/cpukit/libfs/src/rfs/rtems-rfs-rtems.c
@@ -274,9 +274,6 @@ rtems_rfs_rtems_chown (const rtems_filesystem_location_info_t *pathloc,
   rtems_rfs_file_system* fs = rtems_rfs_rtems_pathloc_dev (pathloc);
   rtems_rfs_ino          ino = rtems_rfs_rtems_get_pathloc_ino (pathloc);
   rtems_rfs_inode_handle inode;
-#if defined (RTEMS_POSIX_API)
-  uid_t                  uid;
-#endif
   int                    rc;
 
   if (rtems_rfs_rtems_trace (RTEMS_RFS_RTEMS_DEBUG_CHOWN))
@@ -289,20 +286,6 @@ rtems_rfs_rtems_chown (const rtems_filesystem_location_info_t *pathloc,
     return rtems_rfs_rtems_error ("chown: opening inode", rc);
   }
 
-  /*
-   *  Verify I am the owner of the node or the super user.
-   */
-
-#if defined (RTEMS_POSIX_API)
-  uid = geteuid();
-
-  if ((uid != rtems_rfs_inode_get_uid (&inode)) && (uid != 0))
-  {
-    rtems_rfs_inode_close (fs, &inode);
-    return rtems_rfs_rtems_error ("chown: not able", EPERM);
-  }
-#endif
-
   rtems_rfs_inode_set_uid_gid (&inode, owner, group);
 
   rc = rtems_rfs_inode_close (fs, &inode);
diff --git a/testsuites/fstests/fspermission/test.c b/testsuites/fstests/fspermission/test.c
index 3fba68b..36675ac 100644
--- a/testsuites/fstests/fspermission/test.c
+++ b/testsuites/fstests/fspermission/test.c
@@ -441,6 +441,26 @@ static void  test_premission02(void )
   rtems_test_assert(user_id==statbuf.st_uid);
   rtems_test_assert(group_id==statbuf.st_gid);
 
+  status = seteuid(user_id - 1);
+  rtems_test_assert(status == 0);
+
+  errno = 0;
+  status = chown(file01, user_id, group_id);
+  rtems_test_assert(status == -1);
+  rtems_test_assert(errno == EPERM);
+
+  status = seteuid(user_id);
+  rtems_test_assert(status == 0);
+
+  status = chown(file01, user_id, group_id);
+  rtems_test_assert(status == 0);
+
+  status = seteuid(0);
+  rtems_test_assert(status == 0);
+
+  status = chown(file01, user_id, group_id);
+  rtems_test_assert(status == 0);
+
   status=mkdir(directory01,mode);
   rtems_test_assert(status==0);
   status=stat(directory01,&statbuf);
diff --git a/testsuites/psxtests/psximfs02/init.c b/testsuites/psxtests/psximfs02/init.c
index 2a55d08..2316eb5 100644
--- a/testsuites/psxtests/psximfs02/init.c
+++ b/testsuites/psxtests/psximfs02/init.c
@@ -160,7 +160,6 @@ rtems_task Init(
   status = seteuid( 10 );
   rtems_test_assert( status == 0 );
 
-#if defined(RTEMS_POSIX_API)
   puts( "Attempt chmod on /node -- expect EPERM" );
   status = chmod( "/node", S_IRUSR );
   rtems_test_assert( status == -1 );
@@ -170,10 +169,6 @@ rtems_task Init(
   status = chown( "/node", 10, 10 );
   rtems_test_assert( status == -1 );
   rtems_test_assert( errno == EPERM );
-#else
-  puts( "Attempt chmod on /node -- EPERM only when POSIX enabled" );
-  puts( "Attempt chown on /node -- EPERM only when POSIX enabled" );
-#endif
 
   puts( "Changing euid back to 0 [root]" );
   status = seteuid( 0 );

More information about the vc mailing list