mirror of
https://github.com/RGBCube/serenity
synced 2025-05-29 06:55:07 +00:00
Kernel: Add Credentials to hold a set of user and group IDs
This patch adds a new object to hold a Process's user credentials: - UID, EUID, SUID - GID, EGID, SGID, extra GIDs Credentials are immutable and child processes initially inherit the Credentials object from their parent. Whenever a process changes one or more of its user/group IDs, a new Credentials object is constructed. Any code that wants to inspect and act on a set of credentials can now do so without worrying about data races.
This commit is contained in:
Andreas Kling
parent
bec314611d
commit
122d7d9533
11 changed files with 366 additions and 128 deletions
|
|
@ -11,17 +11,20 @@ namespace Kernel {
|
|||
|
||||
bool InodeMetadata::may_read(Process const& process) const
|
||||
{
|
||||
return may_read(process.euid(), process.egid(), process.extra_gids());
|
||||
auto credentials = process.credentials();
|
||||
return may_read(credentials->euid(), credentials->egid(), credentials->extra_gids());
|
||||
}
|
||||
|
||||
bool InodeMetadata::may_write(Process const& process) const
|
||||
{
|
||||
return may_write(process.euid(), process.egid(), process.extra_gids());
|
||||
auto credentials = process.credentials();
|
||||
return may_write(credentials->euid(), credentials->egid(), credentials->extra_gids());
|
||||
}
|
||||
|
||||
bool InodeMetadata::may_execute(Process const& process) const
|
||||
{
|
||||
return may_execute(process.euid(), process.egid(), process.extra_gids());
|
||||
auto credentials = process.credentials();
|
||||
return may_execute(credentials->euid(), credentials->egid(), credentials->extra_gids());
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue