On Sunday 23 July 2006 22:07, 李尚杰 wrote:
> The code for the ipcperm() call:
>  93	if (mode & IPC_M) {
>  94		error = suser(td);
>  95		if (error)
>  96			return (error);
>  97	}
> 116	if ((mode & perm->mode) != mode) {
> 117		if (suser(td) != 0)
> 118			return (EACCES);
> 119	}
>
> Why not directly return the error in line 94?

If suser() returns 0 and you just did 'return(suser(td))' then you would not
perform the additional security check in lines 116-119 which could result in
allowing access to an IPC object when it should be restricted.
--
John Baldwin