summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--sys/nfs/nfs_serv.c15
1 files changed, 9 insertions, 6 deletions
diff --git a/sys/nfs/nfs_serv.c b/sys/nfs/nfs_serv.c
index 2cf2ebd3c81..d70aebd0d5a 100644
--- a/sys/nfs/nfs_serv.c
+++ b/sys/nfs/nfs_serv.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: nfs_serv.c,v 1.71 2009/06/05 20:10:51 naddy Exp $ */
+/* $OpenBSD: nfs_serv.c,v 1.72 2009/06/05 21:35:33 thib Exp $ */
/* $NetBSD: nfs_serv.c,v 1.34 1997/05/12 23:37:12 fvdl Exp $ */
/*
@@ -3121,14 +3121,17 @@ nfsrv_noop(nfsd, slp, procp, mrq)
/*
* Perform access checking for vnodes obtained from file handles that would
- * refer to files already opened by a Unix client. You cannot just use
- * vn_writechk() and VOP_ACCESS() for two reasons.
- * 1 - You must check for exported rdonly as well as MNT_RDONLY for the write case
+ * refer to files already opened by a Unix client.
+ * You cannot just use vn_writechk() and VOP_ACCESS() for two reasons:
+ * 1 - You must check for exported rdonly as well as MNT_RDONLY for the
+ * write case
* 2 - The owner is to be given access irrespective of mode bits for some
* operations, so that processes that chmod after opening a file don't
* break. I don't like this because it opens a security hole, but since
* the nfs server opens a security hole the size of a barn door anyhow,
- * what the heck.
+ * what the heck. A notable exception to this rule is when VOP_ACCESS()
+ * returns EPERM (e.g. when a file is immutable) which is always an
+ * error.
*/
int
nfsrv_access(vp, flags, cred, rdonly, p, override)
@@ -3172,7 +3175,7 @@ nfsrv_access(vp, flags, cred, rdonly, p, override)
* Allow certain operations for the owner (reads and writes
* on files that are already open).
*/
- if (override && (error == EPERM || error == EACCES) &&
+ if (override && error == EACCES &&
VOP_GETATTR(vp, &vattr, cred, p) == 0 &&
cred->cr_uid == vattr.va_uid)
error = 0;