summaryrefslogtreecommitdiff
path: root/sys
diff options
context:
space:
mode:
authordm <dm@cvs.openbsd.org>1997-01-25 00:27:32 +0000
committerdm <dm@cvs.openbsd.org>1997-01-25 00:27:32 +0000
commit65ae83635e18dde3d897489de240396684c9d3f2 (patch)
tree3472e9fa2f5c0213d7d7ef06a5ebec059f422f43 /sys
parent9b7db42340f5341f2735db4bd7003676a7222280 (diff)
Only disclose generation number to root.
Diffstat (limited to 'sys')
-rw-r--r--sys/kern/kern_descrip.c6
-rw-r--r--sys/kern/vfs_syscalls.c8
2 files changed, 12 insertions, 2 deletions
diff --git a/sys/kern/kern_descrip.c b/sys/kern/kern_descrip.c
index a5829768d95..cd0d7d6752a 100644
--- a/sys/kern/kern_descrip.c
+++ b/sys/kern/kern_descrip.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: kern_descrip.c,v 1.9 1996/10/28 00:42:30 tholo Exp $ */
+/* $OpenBSD: kern_descrip.c,v 1.10 1997/01/25 00:27:30 dm Exp $ */
/* $NetBSD: kern_descrip.c,v 1.42 1996/03/30 22:24:38 christos Exp $ */
/*
@@ -427,6 +427,10 @@ sys_fstat(p, v, retval)
case DTYPE_VNODE:
error = vn_stat((struct vnode *)fp->f_data, &ub, p);
+ /* Don't let non-root see generation numbers
+ (for NFS security) */
+ if (suser(p->p_ucred, &p->p_acflag))
+ ub.st_gen = 0;
break;
case DTYPE_SOCKET:
diff --git a/sys/kern/vfs_syscalls.c b/sys/kern/vfs_syscalls.c
index e377f948272..d2c14f3dc0f 100644
--- a/sys/kern/vfs_syscalls.c
+++ b/sys/kern/vfs_syscalls.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: vfs_syscalls.c,v 1.18 1997/01/02 12:20:40 mickey Exp $ */
+/* $OpenBSD: vfs_syscalls.c,v 1.19 1997/01/25 00:27:31 dm Exp $ */
/* $NetBSD: vfs_syscalls.c,v 1.71 1996/04/23 10:29:02 mycroft Exp $ */
/*
@@ -1258,6 +1258,9 @@ sys_stat(p, v, retval)
vput(nd.ni_vp);
if (error)
return (error);
+ /* Don't let non-root see generation numbers (for NFS security) */
+ if (suser(p->p_ucred, &p->p_acflag))
+ sb.st_gen = 0;
error = copyout((caddr_t)&sb, (caddr_t)SCARG(uap, ub), sizeof (sb));
return (error);
}
@@ -1288,6 +1291,9 @@ sys_lstat(p, v, retval)
vput(nd.ni_vp);
if (error)
return (error);
+ /* Don't let non-root see generation numbers (for NFS security) */
+ if (suser(p->p_ucred, &p->p_acflag))
+ sb.st_gen = 0;
error = copyout((caddr_t)&sb, (caddr_t)SCARG(uap, ub), sizeof (sb));
return (error);
}