serenity/Kernel/FileSystem/InodeMetadata.cpp
sin-ack fa692e13f9 Kernel: Use real UID/GID when checking for file access
This aligns the rest of the system with POSIX, who says that access(2)
must check against the real UID and GID, not effective ones.
2022-12-11 19:55:37 -07:00

30 lines
1.1 KiB
C++

/*
* Copyright (c) 2022, Andreas Kling <kling@serenityos.org>
*
* SPDX-License-Identifier: BSD-2-Clause
*/
#include <Kernel/FileSystem/InodeMetadata.h>
#include <Kernel/Process.h>
namespace Kernel {
bool InodeMetadata::may_read(Credentials const& credentials, UseEffectiveIDs use_effective_ids) const
{
bool eids = use_effective_ids == UseEffectiveIDs::Yes;
return may_read(eids ? credentials.euid() : credentials.uid(), eids ? credentials.egid() : credentials.gid(), credentials.extra_gids());
}
bool InodeMetadata::may_write(Credentials const& credentials, UseEffectiveIDs use_effective_ids) const
{
bool eids = use_effective_ids == UseEffectiveIDs::Yes;
return may_write(eids ? credentials.euid() : credentials.uid(), eids ? credentials.egid() : credentials.gid(), credentials.extra_gids());
}
bool InodeMetadata::may_execute(Credentials const& credentials, UseEffectiveIDs use_effective_ids) const
{
bool eids = use_effective_ids == UseEffectiveIDs::Yes;
return may_execute(eids ? credentials.euid() : credentials.uid(), eids ? credentials.egid() : credentials.gid(), credentials.extra_gids());
}
}