author: Robert Watson <rwatson@FreeBSD.org> 2000-10-19 07:53:59 +0000
committer: Robert Watson <rwatson@FreeBSD.org> 2000-10-19 07:53:59 +0000
commit: 47460a23a071ad057084bacadf7e2da5f7089a4c (patch)
tree: 160423a28799bf564fdb6cde82b6d3a097a9c512 /sys/kern/vfs_subr.c
parent: dc13e6dfbb992b10bb68638524512a6db07ff98d (diff)
1 files changed, 5 insertions, 0 deletions
diff --git a/sys/kern/vfs_subr.c b/sys/kern/vfs_subr.c
index eb5f5cf39b83..27dcfd3f5728 100644
--- a/sys/kern/vfs_subr.c
+++ b/sys/kern/vfs_subr.c
@@ -3050,6 +3050,7 @@ vaccess(type, file_mode, file_uid, file_gid, acc_mode, cred, privused)
 
 	/* Check the owner. */
 	if (cred->cr_uid == file_uid) {
+		dac_granted |= VADMIN;
 		if (file_mode & S_IXUSR)
 			dac_granted |= VEXEC;
 		if (file_mode & S_IRUSR)
@@ -3117,6 +3118,10 @@ privcheck:
 	    !cap_check_xxx(cred, NULL, CAP_DAC_WRITE, PRISON_ROOT))
 		cap_granted |= VWRITE;
 
+	if ((acc_mode & VADMIN) && ((dac_granted & VADMIN) == 0) &&
+	    !cap_check_xxx(cred, NULL, CAP_FOWNER, PRISON_ROOT))
+		cap_granted |= VADMIN;
+
 	if ((acc_mode & (cap_granted | dac_granted)) == acc_mode) {
 		/* XXX audit: privilege used */
 		if (privused != NULL)
author	Robert Watson <rwatson@FreeBSD.org>	2000-10-19 07:53:59 +0000
committer	Robert Watson <rwatson@FreeBSD.org>	2000-10-19 07:53:59 +0000
commit	47460a23a071ad057084bacadf7e2da5f7089a4c (patch)
tree	160423a28799bf564fdb6cde82b6d3a097a9c512 /sys/kern/vfs_subr.c
parent	dc13e6dfbb992b10bb68638524512a6db07ff98d (diff)