diff options
| author | CismonX <admin@cismon.net> | 2024-04-29 04:48:26 +0000 |
|---|---|---|
| committer | Warner Losh <imp@FreeBSD.org> | 2024-04-29 04:48:31 +0000 |
| commit | d289382897e7ded566a3aa10ae535235149c4056 (patch) | |
| tree | a7b67ed16261743b3b478f203deac3094bdd5782 /share | |
| parent | 78444b5ade65568d817ecc3cfa5d66e05edf2b14 (diff) | |
| download | src-d289382897e7ded566a3aa10ae535235149c4056.tar.gz src-d289382897e7ded566a3aa10ae535235149c4056.zip | |
rights.4: various corrections on capability rights
- A file descriptor obtained from accept(2), accept4(2) and openat(2)
is not always assigned all capability rights. Instead, it inherits
capability rights from the "parent" socket/dir file descriptor.
- getdents(2) and getdirentries(2) requires CAP_READ.
- openat(2) with O_WRONLY|O_TRUNC does not require CAP_SEEK.
Reviewed by: imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/1207
Diffstat (limited to 'share')
| -rw-r--r-- | share/man/man4/rights.4 | 21 |
1 files changed, 15 insertions, 6 deletions
diff --git a/share/man/man4/rights.4 b/share/man/man4/rights.4 index 2d44a1060006..3e5e18fc65d8 100644 --- a/share/man/man4/rights.4 +++ b/share/man/man4/rights.4 @@ -30,7 +30,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.Dd March 22, 2024 +.Dd April 27, 2024 .Dt RIGHTS 4 .Os .Sh NAME @@ -38,20 +38,22 @@ .Nd Capsicum capability rights for file descriptors .Sh DESCRIPTION When a file descriptor is created by a function such as -.Xr accept 2 , -.Xr accept4 2 , .Xr fhopen 2 , .Xr kqueue 2 , .Xr mq_open 2 , .Xr open 2 , -.Xr openat 2 , .Xr pdfork 2 , .Xr pipe 2 , .Xr shm_open 2 , .Xr socket 2 or .Xr socketpair 2 , -it is assigned all capability rights. +it is assigned all capability rights; for +.Xr accept 2 , +.Xr accept4 2 +or +.Xr openat 2 , +it inherits capability rights from the "parent" file descriptor. Those rights can be reduced (but never expanded) by using the .Xr cap_rights_limit 2 , .Xr cap_fcntls_limit 2 and @@ -501,7 +503,10 @@ with the is also required), .Xr preadv 2 .Dv ( CAP_SEEK -is also required) and related system calls. +is also required), +.Xr getdents 2 , +.Xr getdirentries 2 , +and related system calls. .It Dv CAP_RECV An alias to .Dv CAP_READ . @@ -611,6 +616,8 @@ with the .Dv O_WRONLY flag, but without the .Dv O_APPEND +or +.Dv O_TRUNC flag, .Dv CAP_SEEK is also required. @@ -657,6 +664,8 @@ is also required. .Xr fsync 2 , .Xr ftruncate 2 , .Xr futimes 2 , +.Xr getdents 2 , +.Xr getdirentries 2 , .Xr getpeername 2 , .Xr getsockname 2 , .Xr getsockopt 2 , |