xref: /third_party/ntfs-3g/src/ntfs-3g.c

101 #include "security.h"
286  *      Fill a security context as needed by security functions
298 	scx->mapping[MAPUSERS] = ctx->security.mapping[MAPUSERS];
299 	scx->mapping[MAPGROUPS] = ctx->security.mapping[MAPGROUPS];
313 	return (ctx->security.mapping[MAPUSERS] != (struct MAPPING*)NULL);
815 	struct SECURITY_CONTEXT security;
826 	withusermapping = ntfs_fuse_fill_security_context(&security);
832 	    && !ntfs_allowed_dir_access(&security,path,
1035 		if (ntfs_get_owner_mode(&security,ni,stbuf) < 0)
1380 	struct SECURITY_CONTEXT security;
1387 		if (ntfs_fuse_fill_security_context(&security)) {
1400 				? !ntfs_allowed_dir_access(&security,
1402 				: !ntfs_allowed_dir_access(&security, path,
1404 				     || !ntfs_allowed_access(&security,
1479 	struct SECURITY_CONTEXT security;
1495 		if (ntfs_fuse_fill_security_context(&security)) {
1507 			if (!ntfs_allowed_dir_access(&security,
1509 			  || !ntfs_allowed_access(&security,
1820 	struct SECURITY_CONTEXT security;
1862 	if (ntfs_fuse_fill_security_context(&security)
1863 		&& (!ntfs_allowed_dir_access(&security, path,
1866 		     && !ntfs_allowed_access(&security, ni, S_IWRITE)))) {
1923 	struct SECURITY_CONTEXT security;
1933 	    || !ntfs_fuse_fill_security_context(&security)) {
1941 		if (ntfs_allowed_dir_access(&security,path,
1948 				if (ntfs_set_mode(&security,ni,mode))
1968 	struct SECURITY_CONTEXT security;
1977 	    || !ntfs_fuse_fill_security_context(&security)) {
1989 			if (ntfs_allowed_dir_access(&security,path,
1996 					if (ntfs_set_owner(&security,
2020 	struct SECURITY_CONTEXT security;
2026 	if (!ntfs_fuse_fill_security_context(&security)) {
2033 		if (ntfs_allowed_dir_access(&security,path,(ntfs_inode*)NULL,
2044 					if (!ntfs_allowed_access(&security,
2074 	struct SECURITY_CONTEXT security;
2110 	if (!ntfs_fuse_fill_security_context(&security)
2111 	       || ntfs_allowed_create(&security,
2114 		ntfs_fuse_fill_security_context(&security);
2115 		ntfs_allowed_create(&security, dir_ni, &gid, &dsetgid);
2127 			 * Try to get a security id available for
2130 			 * have to build a security attribute later.
2132 		if (!ctx->security.mapping[MAPUSERS])
2136 				securid = ntfs_inherited_id(&security,
2140 				securid = ntfs_alloc_securid(&security,
2141 					security.uid, gid,
2144 				securid = ntfs_alloc_securid(&security,
2145 					security.uid, gid,
2146 					perm & ~security.umask, S_ISDIR(type));
2193 				 * set the security attribute if a security id
2196 			if (ctx->security.mapping[MAPUSERS]) {
2199 				   && ntfs_set_inherited_posix(&security, ni,
2200 					security.uid, gid,
2205 				   && ntfs_set_owner_mode(&security, ni,
2206 					security.uid, gid, 
2207 					perm & ~security.umask) < 0)
2365 	struct SECURITY_CONTEXT security;
2404 	if (ntfs_fuse_fill_security_context(&security)
2405 	   && ((!samedir && !ntfs_allowed_dir_access(&security,old_path,
2407 	      || !ntfs_allowed_access(&security,dir_ni,S_IWRITE + S_IEXEC)))
2457 	struct SECURITY_CONTEXT security;
2497 	if (!ntfs_fuse_fill_security_context(&security)
2498 	    || ntfs_allowed_dir_access(&security, org_path, dir_ni, ni,
2556 	struct SECURITY_CONTEXT security;
2570 		if (!ntfs_fuse_fill_security_context(&security)
2571 		   || ntfs_allowed_dir_access(&security, path,
2642 	struct SECURITY_CONTEXT security;
2665 		if (!ntfs_fuse_fill_security_context(&security)
2666 		  || ntfs_allowed_dir_access(&security, new_path,
2775 	struct SECURITY_CONTEXT security;
2782 	if (ntfs_fuse_fill_security_context(&security)
2783 	    && !ntfs_allowed_dir_access(&security,path,
2795 		if (ntfs_allowed_as_owner(&security, ni)
2798 			&& ntfs_allowed_access(&security, ni, S_IWRITE))) {
2836 	struct SECURITY_CONTEXT security;
2843 	if (ntfs_fuse_fill_security_context(&security)
2844 	    && !ntfs_allowed_dir_access(&security,path,
2854 	ownerok = ntfs_allowed_as_owner(&security, ni);
2864 			&& ntfs_allowed_access(&security, ni, S_IWRITE);
2880 			&& ntfs_allowed_access(&security, ni, S_IWRITE);
3018 static ntfs_inode *ntfs_check_access_xattr(struct SECURITY_CONTEXT *security,
3037 		if (((!ntfs_fuse_fill_security_context(security)
3043 			if (ctx->silent && !ctx->security.mapping[MAPUSERS])
3061 				if (ntfs_allowed_real_dir_access(security, path,
3123 		 * security, trusted and unmapped system name spaces :
3154 	struct SECURITY_CONTEXT security;
3158 	if (ntfs_fuse_fill_security_context(&security)
3159 	    && !ntfs_allowed_dir_access(&security,path,(ntfs_inode*)NULL,
3172 	if (!ntfs_allowed_access(&security,ni,S_IREAD)) {
3208 	struct SECURITY_CONTEXT security;
3215 	if (ntfs_fuse_fill_security_context(&security)
3216 	    && !ntfs_allowed_dir_access(&security,path,(ntfs_inode*)NULL,
3225 	if (!ntfs_allowed_access(&security,ni,S_IREAD)) {
3299 	struct SECURITY_CONTEXT security;
3318 		ni = ntfs_check_access_xattr(&security, path, attr, FALSE);
3320 			if (ntfs_allowed_access(&security,ni,S_IREAD)) {
3325 				res = ntfs_xattr_system_getxattr(&security,
3348 				ntfs_fuse_fill_security_context(&security);
3353 				res = ntfs_xattr_system_getxattr(&security,
3374 	if (ntfs_fuse_fill_security_context(&security)
3375 	    && !ntfs_allowed_dir_access(&security,path,(ntfs_inode*)NULL,
3381 	    && security.uid)
3394 	if (!ntfs_allowed_access(&security, ni, S_IREAD)) {
3458 	struct SECURITY_CONTEXT security;
3479 		ni = ntfs_check_access_xattr(&security,path,attr,TRUE);
3481 			if (ntfs_allowed_as_owner(&security,ni)) {
3486 				res = ntfs_xattr_system_setxattr(&security,
3513 				ni = ntfs_check_access_xattr(&security,path,attr,TRUE);
3521 				if (!ntfs_fuse_fill_security_context(&security)
3522 				   || ntfs_allowed_as_owner(&security,ni)) {
3527 					res = ntfs_xattr_system_setxattr(&security,
3556 	if (ntfs_fuse_fill_security_context(&security)
3557 	    && !ntfs_allowed_dir_access(&security,path,(ntfs_inode*)NULL,
3561 		/* security and trusted only settable by root */
3564 		&& security.uid)
3574 		if (security.uid) {
3580 		if (!ntfs_allowed_as_owner(&security,ni)) {
3591 		if (!ntfs_allowed_access(&security,ni,S_IWRITE)) {
3690 	struct SECURITY_CONTEXT security;
3717 			ni = ntfs_check_access_xattr(&security,path,attr,TRUE);
3719 				if (ntfs_allowed_as_owner(&security,ni)) {
3724 					res = ntfs_xattr_system_removexattr(&security,
3748 				ni = ntfs_check_access_xattr(&security,
3763 				if (!ntfs_fuse_fill_security_context(&security)
3764 				   || ntfs_allowed_as_owner(&security,ni)) {
3769 					res = ntfs_xattr_system_removexattr(&security,
3798 	if (ntfs_fuse_fill_security_context(&security)
3799 	    && !ntfs_allowed_dir_access(&security,path,(ntfs_inode*)NULL,
3803 		/* security and trusted only settable by root */
3806 		&& security.uid)
3816 		if (security.uid) {
3822 		if (!ntfs_allowed_as_owner(&security,ni)) {
3833 		if (!ntfs_allowed_access(&security,ni,S_IWRITE)) {
3909 	struct SECURITY_CONTEXT security;
3920 		if (ntfs_fuse_fill_security_context(&security)) {
3932 		ntfs_destroy_security_context(&security);
4418 	ctx->security.uid = 0;
4419 	ctx->security.gid = 0;
4423 		ctx->security.uid = sbuf.st_uid;
4424 		ctx->security.gid = sbuf.st_gid;
4479 	ctx->security.vol = ctx->vol;
4485 	if (!ntfs_build_mapping(&ctx->security,ctx->usermap_path,
4509 			 * force default security
4522 		ctx->security.uid = ctx->uid;
4523 		ctx->security.gid = ctx->gid;
4525 		ctx->security.mapping[MAPUSERS] = (struct MAPPING*)NULL;
4526 		ctx->security.mapping[MAPGROUPS] = (struct MAPPING*)NULL;

Indexes created Thu Nov 07 10:32:03 CST 2024