Page MenuHomeFreeBSD
Files F151246091

D39079.id118812.diff
No OneTemporary
Actions

D39079.id118812.diff
View Options

diff --git a/sys/security/mac_veriexec/mac_veriexec.c b/sys/security/mac_veriexec/mac_veriexec.c
--- a/sys/security/mac_veriexec/mac_veriexec.c
+++ b/sys/security/mac_veriexec/mac_veriexec.c
@@ -603,10 +603,10 @@
return (0);
/*
- * Check if it's a verified file
+ * Check if this is an attempt to replace a verified file
*/
error = mac_veriexec_check_vp(cred, vp, VVERIFY);
- if (error == 0) { /* file is verified */
+ if (error == 0) { /* the target is verified */
MAC_VERIEXEC_DBG(2,
"(UNLINK) attempted to unlink a protected file (euid: %u)", cred->cr_uid);
@@ -644,10 +644,10 @@
return (0);
/*
- * Check if it's a verified file
+ * Check if this is an attempt to replace a verified file
*/
error = mac_veriexec_check_vp(cred, vp, VVERIFY);
- if (error == 0) { /* file is verified */
+ if (error == 0) { /* the target is verified */
MAC_VERIEXEC_DBG(2,
"(RENAME_FROM) attempted to rename a protected file (euid: %u)", cred->cr_uid);
return (EAUTH);
@@ -693,10 +693,10 @@
return (0);
/*
- * Check if it's a verified file
+ * Check if this is an attempt to replace a verified file
*/
error = mac_veriexec_check_vp(cred, vp, VVERIFY);
- if (error == 0) { /* file is verified */
+ if (error == 0) { /* the target is verified */
MAC_VERIEXEC_DBG(2,
"(RENAME_TO) attempted to overwrite a protected file (euid: %u)", cred->cr_uid);
return (EAUTH);
@@ -727,7 +727,7 @@
return (0);
/*
- * Do not allow chmod (set-[gu]id) of verified file
+ * Check target file do prohibit chmod (set-[gu]id) of verified file
*/
error = mac_veriexec_check_vp(cred, vp, VVERIFY);
if (error == EAUTH) /* it isn't verified */

File Metadata

Mime Type
text/plain
Expires
Wed, Apr 8, 2:27 AM (20 h, 34 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
31050404
Default Alt Text
D39079.id118812.diff (1 KB)

Event Timeline