diff options
author | dm <dm@cvs.openbsd.org> | 1997-01-25 00:27:32 +0000 |
---|---|---|
committer | dm <dm@cvs.openbsd.org> | 1997-01-25 00:27:32 +0000 |
commit | 65ae83635e18dde3d897489de240396684c9d3f2 (patch) | |
tree | 3472e9fa2f5c0213d7d7ef06a5ebec059f422f43 /sys | |
parent | 9b7db42340f5341f2735db4bd7003676a7222280 (diff) |
Only disclose generation number to root.
Diffstat (limited to 'sys')
-rw-r--r-- | sys/kern/kern_descrip.c | 6 | ||||
-rw-r--r-- | sys/kern/vfs_syscalls.c | 8 |
2 files changed, 12 insertions, 2 deletions
diff --git a/sys/kern/kern_descrip.c b/sys/kern/kern_descrip.c index a5829768d95..cd0d7d6752a 100644 --- a/sys/kern/kern_descrip.c +++ b/sys/kern/kern_descrip.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kern_descrip.c,v 1.9 1996/10/28 00:42:30 tholo Exp $ */ +/* $OpenBSD: kern_descrip.c,v 1.10 1997/01/25 00:27:30 dm Exp $ */ /* $NetBSD: kern_descrip.c,v 1.42 1996/03/30 22:24:38 christos Exp $ */ /* @@ -427,6 +427,10 @@ sys_fstat(p, v, retval) case DTYPE_VNODE: error = vn_stat((struct vnode *)fp->f_data, &ub, p); + /* Don't let non-root see generation numbers + (for NFS security) */ + if (suser(p->p_ucred, &p->p_acflag)) + ub.st_gen = 0; break; case DTYPE_SOCKET: diff --git a/sys/kern/vfs_syscalls.c b/sys/kern/vfs_syscalls.c index e377f948272..d2c14f3dc0f 100644 --- a/sys/kern/vfs_syscalls.c +++ b/sys/kern/vfs_syscalls.c @@ -1,4 +1,4 @@ -/* $OpenBSD: vfs_syscalls.c,v 1.18 1997/01/02 12:20:40 mickey Exp $ */ +/* $OpenBSD: vfs_syscalls.c,v 1.19 1997/01/25 00:27:31 dm Exp $ */ /* $NetBSD: vfs_syscalls.c,v 1.71 1996/04/23 10:29:02 mycroft Exp $ */ /* @@ -1258,6 +1258,9 @@ sys_stat(p, v, retval) vput(nd.ni_vp); if (error) return (error); + /* Don't let non-root see generation numbers (for NFS security) */ + if (suser(p->p_ucred, &p->p_acflag)) + sb.st_gen = 0; error = copyout((caddr_t)&sb, (caddr_t)SCARG(uap, ub), sizeof (sb)); return (error); } @@ -1288,6 +1291,9 @@ sys_lstat(p, v, retval) vput(nd.ni_vp); if (error) return (error); + /* Don't let non-root see generation numbers (for NFS security) */ + if (suser(p->p_ucred, &p->p_acflag)) + sb.st_gen = 0; error = copyout((caddr_t)&sb, (caddr_t)SCARG(uap, ub), sizeof (sb)); return (error); } |