| blob | 0c524c30946a47c0fe9728cf90b58e6440e2de1c |
1 /*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License, Version 1.0 only
6 * (the "License"). You may not use this file except in compliance
7 * with the License.
8 *
9 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
10 * or http://www.opensolaris.org/os/licensing.
11 * See the License for the specific language governing permissions
12 * and limitations under the License.
13 *
14 * When distributing Covered Code, include this CDDL HEADER in each
15 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
16 * If applicable, add the following below this CDDL HEADER, with the
17 * fields enclosed by brackets "[]" replaced with your own identifying
18 * information: Portions Copyright [yyyy] [name of copyright owner]
19 *
20 * CDDL HEADER END
21 */
22 /*
23 * Copyright 2004 Sun Microsystems, Inc. All rights reserved.
24 * Use is subject to license terms.
25 */
27 /* Copyright (c) 1983, 1984, 1985, 1986, 1987, 1988, 1989 AT&T */
28 /* All Rights Reserved */
30 /*
31 * Portions of this source code were derived from Berkeley 4.3 BSD
32 * under license from the Regents of the University of California.
33 */
37 /*
38 * Use of this object by a utility (so far chmod, mkdir and mkfifo use
39 * it) requires that the utility implement an error-processing routine
40 * named errmsg(), with a prototype as specified below.
41 *
42 * This is necessary because the mode-parsing code here makes use of such
43 * a routine, located in chmod.c. The error-reporting style of the
44 * utilities sharing this code differs enough that it is difficult to
45 * implement a common version of this routine to be used by all.
46 */
48 /*
49 * Note that many convolutions are necessary
50 * due to the re-use of bits between locking
51 * and setgid
52 */
54 #include <ctype.h>
55 #include <stdio.h>
56 #include <sys/types.h>
57 #include <sys/stat.h>
58 #include <dirent.h>
59 #include <locale.h>
61 #include <stdarg.h>
75 #define GROUP_RWX (GROUP & (READ | WRITE | EXEC))
77 #define WHO_EMPTY 0
84 static int
87 static mode_t
91 mode_t
95 /*
96 * Wrapper for newmode_common. This function is called by mkdir and
97 * mkfifo.
98 */
99 mode_t
101 {
105 }
107 /*
108 * We are parsing a comma-separated list of mode expressions of the form:
109 *
110 * [<who>] <op> [<perms>]
111 */
113 /* ARGSUSED */
114 mode_t
117 {
118 /*
119 * new_mode contains the mode value constructed by parsing the
120 * expression pointed to by ms
121 * old_mode contains the mode provided by the caller
122 * oper contains +|-|= information
123 * perms_msk contains rwx(slt) information
124 * umsk contains the umask value to be assumed.
125 * who_empty is non-zero if the <who> clause did not appear.
126 * who_msk contains USER|GROUP|OTHER information
127 */
138 mode_t who_msk;
139 mode_t perms_msk;
141 mode_t grp_change;
152 /*
153 * When <who> is empty, and <oper> == `=`, the umask is
154 * obeyed. So we need to make note of it here, for use
155 * later.
156 */
163 }
166 /*
167 * this section processes permissions
168 */
170 operand_empty++;
184 dup:
188 msp++;
190 }
209 }
224 msp--;
226 }
227 }
235 }
238 /* is group execution requested? */
242 /* not locking, too! */
246 "and locking not permitted "
248 }
250 /*
251 * not if the file is already
252 * lockable.
253 */
259 "execution not permitted "
261 path);
263 }
264 }
266 /* is setgid on execution requested? */
269 /* not locking, too! */
276 "locking not permitted "
278 }
280 /*
281 * not if the file is already
282 * lockable
283 */
290 "not permitted on a "
293 }
294 }
296 /* is setid on execution requested? */
299 /*
300 * the corresponding execution must
301 * be requested or already set
302 */
308 "permission required "
309 "for set-ID on "
311 path);
313 }
314 }
316 /* is locking requested? */
318 /*
319 * not if the file has group execution
320 * set.
321 * NOTE: this also covers files with
322 * setgid
323 */
329 "permitted on "
330 "a group executable "
332 path);
334 }
335 }
341 }
343 /* create new mode */
350 }
352 /* don't turn off locking, unless it's on */
355 LOCK) {
357 }
359 /* don't turn off setgid, unless it's on */
364 LOCK) {
366 }
368 /*
369 * if execution is being turned off and the
370 * corresponding setid is not, turn setid off,
371 * too & warn the user
372 */
381 "also disabled on file since "
382 "set-ID requires execute "
384 path);
392 }
400 }
401 }
407 }
409 /* create new mode */
416 }
417 /* is locking requested? */
419 /* not group execution, too! */
425 "and locking not "
427 }
429 /*
430 * if the file has group execution set,
431 * turn it off!
432 */
435 }
436 }
438 /*
439 * is setid on execution requested? the
440 * corresponding execution must be requested,
441 * too!
442 */
449 "required for set-ID on "
451 }
453 /*
454 * The ISGID bit on directories will not be
455 * changed when the mode argument is a string
456 * with "=".
457 */
462 /*
463 * create new mode:
464 * clear the who_msk bits
465 * set the perms_mks bits (which have
466 * been trimmed to fit the who_msk.
467 */
473 }
478 }
479 }
484 }
487 }
489 mode_t
491 {
493 mode_t i;
500 /*
501 * The ISGID bit on directories will not be changed when the mode argument is
502 * octal numeric. Only "g+s" and "g-s" arguments can change ISGID bit when
503 * applied to directories.
504 */
510 }
512 static mode_t
514 {
515 mode_t m;
535 }
536 }
537 }
539 static int
541 {
547 }
549 }