Page MenuHomeFreeBSD

libc: allow posix_fallocate in capability mode
ClosedPublic

Authored by emaste on Oct 11 2017, 7:46 PM.
Tags
None
Referenced Files
Unknown Object (File)
Mon, Mar 25, 10:27 PM
Unknown Object (File)
Jan 29 2024, 9:16 AM
Unknown Object (File)
Jan 2 2024, 3:54 AM
Unknown Object (File)
Dec 22 2023, 11:47 PM
Unknown Object (File)
Dec 12 2023, 12:19 AM
Unknown Object (File)
Nov 15 2023, 10:31 PM
Unknown Object (File)
Nov 6 2023, 7:33 AM
Unknown Object (File)
Oct 30 2023, 7:53 PM
Subscribers
None

Details

Summary

posix_fallocate is logically equivalent to writing zero blocks to the desired file size and there is no reason to prevent calling it in capability mode. posix_fallocate already checked for the CAP_WRITE right, so we merely need to list it in capabilities.conf.

Diff Detail

Repository
rS FreeBSD src repository - subversion
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

Per discussion on the recent capsicum call, posix_fallocate could require CAP_PWRITE (aka CAP_WRITE | CAP_SEEK) instead of just CAP_WRITE.

Require CAP_PWRITE (CAP_WRITE | CAP_SEEK) for posix_fallocate.

This revision is now accepted and ready to land.Oct 12 2017, 2:04 AM
This revision was automatically updated to reflect the committed changes.