I'm working on (again) the fix for 6613349 suid not allowed message could be better.
Briefly, I'm trying to make the '<exec name>, uid NNN: suid execution not allowed, dev=XXX' message be more informative instead of just the exec name and the hex device number of the device of the filesystem it failed on. Having revisited this, I think what would be most useful would be something of the form 'uid NNN: suid execution not allowed fs=/mountpoint (/pathname/of/file)'. The last two bits coming from vfs_t->vfs_mntpnt and vnode_t->v_path (respectively). I have some questions regarding this since I am not a vfs expert. 1. Assuming I do a 'refstr_hold(vfs_.t->vfs_mntpnt); /* use mntpnt value */ refstr_rele(vfs_t->vfs_mntpnt);', are there any situations where the value might be invalid (and could cause a panic or other nasty behavior)? 2. Similarly, I believe that vnode_t->v_path is not always guaranteed to be valid (i.e. it may be NULL). In this situation, I am thinking to merely omit this it from the output, but again, is there any special conditions I need to be aware of before using it? I have a zone related question (the current message always goes to the global zone only -- I suspect that's wrong), but I'll put that to zones-discuss. _______________________________________________ opensolaris-code mailing list opensolaris-code@opensolaris.org http://mail.opensolaris.org/mailman/listinfo/opensolaris-code
