diff options
Diffstat (limited to 'cpukit/libcsupport/src')
-rw-r--r-- | cpukit/libcsupport/src/sup_fs_check_permissions.c | 47 | ||||
-rw-r--r-- | cpukit/libcsupport/src/uenvgetgroups.c | 36 |
2 files changed, 70 insertions, 13 deletions
diff --git a/cpukit/libcsupport/src/sup_fs_check_permissions.c b/cpukit/libcsupport/src/sup_fs_check_permissions.c index f6fd0e91c9..394f945b0b 100644 --- a/cpukit/libcsupport/src/sup_fs_check_permissions.c +++ b/cpukit/libcsupport/src/sup_fs_check_permissions.c @@ -70,29 +70,50 @@ RTEMS_STATIC_ASSERT( S_IXOTH ); +static bool equals_supplementary_group( + const rtems_user_env_t *uenv, + gid_t object_gid +) +{ + size_t i; + + for (i = 0; i < uenv->ngroups; ++i) { + if (uenv->groups[i] == object_gid) { + return true; + } + } + + return false; +} + bool rtems_filesystem_check_access( - int eval_flags, - mode_t node_mode, - uid_t node_uid, - gid_t node_gid + int flags, + mode_t object_mode, + uid_t object_uid, + gid_t object_gid ) { - mode_t perm_flags = eval_flags & RTEMS_FS_PERMS_RWX; - uid_t task_uid = geteuid(); + const rtems_user_env_t *uenv = rtems_current_user_env_get(); + mode_t access_flags = flags & RTEMS_FS_PERMS_RWX; + uid_t task_uid = uenv->euid; - if (task_uid == 0 || task_uid == node_uid) { - perm_flags <<= RTEMS_FS_USR_SHIFT; + if (task_uid == 0 || task_uid == object_uid) { + access_flags <<= RTEMS_FS_USR_SHIFT; } else { - gid_t task_gid = getegid(); + gid_t task_gid = uenv->egid; - if (task_gid == 0 || task_gid == node_gid) { - perm_flags <<= RTEMS_FS_GRP_SHIFT; + if ( + task_gid == 0 + || task_gid == object_gid + || equals_supplementary_group(uenv, object_gid) + ) { + access_flags <<= RTEMS_FS_GRP_SHIFT; } else { - perm_flags <<= RTEMS_FS_OTH_SHIFT; + access_flags <<= RTEMS_FS_OTH_SHIFT; } } - return (perm_flags & node_mode) == perm_flags; + return (access_flags & object_mode) == access_flags; } bool rtems_filesystem_eval_path_check_access( diff --git a/cpukit/libcsupport/src/uenvgetgroups.c b/cpukit/libcsupport/src/uenvgetgroups.c new file mode 100644 index 0000000000..9645a9618b --- /dev/null +++ b/cpukit/libcsupport/src/uenvgetgroups.c @@ -0,0 +1,36 @@ +/* + * Copyright (c) 2014 embedded brains GmbH. All rights reserved. + * + * embedded brains GmbH + * Dornierstr. 4 + * D-82178 Puchheim + * Germany + * <rtems@embedded-brains.de> + * + * The license and distribution terms for this file may be + * found in the file LICENSE in this distribution or at + * http://www.rtems.org/license/LICENSE. + */ + +#ifdef HAVE_CONFIG_H +#include "config.h" +#endif + +#include <rtems/userenv.h> +#include <rtems.h> + +#include <sys/types.h> +#include <unistd.h> + +void rtems_current_user_env_getgroups(void) +{ + rtems_user_env_t *uenv = rtems_current_user_env_get(); + int ngroups = (int) RTEMS_ARRAY_SIZE( uenv->groups ); + + ngroups = getgroups( ngroups, &uenv->groups[ 0 ] ); + if ( ngroups > 0 ) { + uenv->ngroups = (size_t) ngroups; + } else { + uenv->ngroups = 0; + } +} |