1
Fork 0
mirror of https://github.com/RGBCube/serenity synced 2025-07-24 23:07:34 +00:00

Kernel: Start adding various file system permission checks.

Fail with EACCES in various situations. Fix userland bugs that were exposed.
This commit is contained in:
Andreas Kling 2019-02-21 15:45:31 +01:00
parent 43075e5878
commit f5f136931a
7 changed files with 96 additions and 8 deletions

View file

@ -4,6 +4,8 @@
#include "UnixTypes.h"
#include <AK/HashTable.h>
class Process;
inline bool is_directory(mode_t mode) { return (mode & 0170000) == 0040000; }
inline bool is_character_device(mode_t mode) { return (mode & 0170000) == 0020000; }
inline bool is_block_device(mode_t mode) { return (mode & 0170000) == 0060000; }
@ -18,6 +20,28 @@ inline bool is_setgid(mode_t mode) { return mode & 02000; }
struct InodeMetadata {
bool is_valid() const { return inode.is_valid(); }
bool may_read(Process&) const;
bool may_write(Process&) const;
bool may_execute(Process&) const;
bool may_read(uid_t u, const HashTable<gid_t>& g) const
{
if (uid == u)
return mode & 0400;
if (g.contains(gid))
return mode & 0040;
return mode & 0004;
}
bool may_write(uid_t u, const HashTable<gid_t>& g) const
{
if (uid == u)
return mode & 0200;
if (g.contains(gid))
return mode & 0020;
return mode & 0002;
}
bool may_execute(uid_t u, const HashTable<gid_t>& g) const
{
if (uid == u)