author: Robert Watson <rwatson@FreeBSD.org> 2002-08-01 03:50:08 +0000
committer: Robert Watson <rwatson@FreeBSD.org> 2002-08-01 03:50:08 +0000
commit: b3e13e1c3fbb39bbda0409f7ebab9ba6ecfb57d5 (patch)
tree: 7bf1a51ec214152f958825679cc61b3d0a81302f /sys/kern/vfs_extattr.c
parent: b82791959437b20e883b931a46ba8a417b077736 (diff)
1 files changed, 12 insertions, 0 deletions
diff --git a/sys/kern/vfs_extattr.c b/sys/kern/vfs_extattr.c
index a6a29823db41..bf439080d1cd 100644
--- a/sys/kern/vfs_extattr.c
+++ b/sys/kern/vfs_extattr.c
@@ -397,6 +397,10 @@ fchdir(td, uap)
 	vn_lock(vp, LK_EXCLUSIVE | LK_RETRY, td);
 	if (vp->v_type != VDIR)
 		error = ENOTDIR;
+#ifdef MAC
+	else if ((error = mac_check_vnode_chdir(td->td_ucred, vp)) != 0) {
+	}
+#endif
 	else
 		error = VOP_ACCESS(vp, VEXEC, td->td_ucred, td);
 	while (!error && (mp = vp->v_mountedhere) != NULL) {
@@ -524,6 +528,10 @@ chroot(td, uap)
 	mtx_lock(&Giant);
 	if ((error = change_dir(&nd, td)) != 0)
 		goto error;
+#ifdef MAC
+	if ((error = mac_check_vnode_chroot(td->td_ucred, nd.ni_vp)))
+		goto error;
+#endif
 	FILEDESC_LOCK(fdp);
 	if (chroot_allow_open_directories == 0 ||
 	    (chroot_allow_open_directories == 1 && fdp->fd_rdir != rootvnode)) {
@@ -567,6 +575,10 @@ change_dir(ndp, td)
 	vp = ndp->ni_vp;
 	if (vp->v_type != VDIR)
 		error = ENOTDIR;
+#ifdef MAC
+	else if ((error = mac_check_vnode_chdir(td->td_ucred, vp)) != 0) {
+	}
+#endif
 	else
 		error = VOP_ACCESS(vp, VEXEC, td->td_ucred, td);
 	if (error)
author	Robert Watson <rwatson@FreeBSD.org>	2002-08-01 03:50:08 +0000
committer	Robert Watson <rwatson@FreeBSD.org>	2002-08-01 03:50:08 +0000
commit	b3e13e1c3fbb39bbda0409f7ebab9ba6ecfb57d5 (patch)
tree	7bf1a51ec214152f958825679cc61b3d0a81302f /sys/kern/vfs_extattr.c
parent	b82791959437b20e883b931a46ba8a417b077736 (diff)