> It seems uid 0 is different from non root uid, see secpolicy_vnode_access() > (which is > called by nm_mount()). For the root user, write permission is not needed.
I see. > A non-root user will use the door call to communicate with the dlmgmtd > daemon. I believe that is not related to what permission of the door > file has. But how does that user obtain the file descriptor that they pass to door_call()? I'd presume they'd do an open(), and thus would need to at least have read permission on the rendezvous file. > > Also, I'm unclear why O_RDWR would be needed instead of O_RDONLY as we > > never actually write to (or read from) the file. > > > See above. I'm not seeing the connection. The file descriptor that is opened O_RDWR is closed before the fattach() is done. -- meem
