On 8/27/2019 4:13 AM, Corinna Vinschen wrote: > On Aug 26 17:43, Ken Brown wrote: >> Don't refer to lacl[pos] unless we know that pos >= 0. > > I'm not sure this is entirely right. Moving the assignment to > class_perm/def_class_perm into the previous if makes sense, but the > bools has_class_perm and has_def_class_perm should be set no matter > what, to indicate that class perms had been specified.
I don't think has_class_perm should be set if class_perm isn't set; that would cause a problem at sec_acl.cc:1169. For has_def_class_perm it doesn't seem to matter. Unless I'm missing something, has_def_class_perm is not used when new_style is true. > Either way, does this solve a real-world problem? If so, a pointer > or a short description would be nice. No, I just happened to notice it while studying the ACL code. Ken