From 0f71afb31e893e2b16ff7ea5fcc2158060b93bf5 Mon Sep 17 00:00:00 2001 From: Robert Watson Date: Tue, 22 Feb 2000 03:56:58 +0000 Subject: [PATCH] After much consulting with bde, concluded that this fix was the best fix to the current jail/chflags interactions. This fix conditionalizes ``root behavior'' in the chflags() case on not being in jail, so attempts to perform a chflags in a jail are limited to what a normal user could do. For example, this does allow setting of user flags as appropriate, but prohibits changing of system flags. Reviewed by: bde --- sys/ufs/ufs/ufs_vnops.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/sys/ufs/ufs/ufs_vnops.c b/sys/ufs/ufs/ufs_vnops.c index 56968953ae4..c3f60181b07 100644 --- a/sys/ufs/ufs/ufs_vnops.c +++ b/sys/ufs/ufs/ufs_vnops.c @@ -444,9 +444,9 @@ ufs_setattr(ap) if (vp->v_mount->mnt_flag & MNT_RDONLY) return (EROFS); if (cred->cr_uid != ip->i_uid && - (error = suser(p))) + (error = suser_xxx(cred, p, PRISON_ROOT))) return (error); - if (cred->cr_uid == 0) { + if ((cred->cr_uid == 0) && (p->p_prison == NULL)) { if ((ip->i_flags & (SF_NOUNLINK | SF_IMMUTABLE | SF_APPEND)) && securelevel > 0)