aboutsummaryrefslogtreecommitdiff
path: root/sys/ufs/ufs/ufs_vnops.c
diff options
context:
space:
mode:
Diffstat (limited to 'sys/ufs/ufs/ufs_vnops.c')
-rw-r--r--sys/ufs/ufs/ufs_vnops.c14
1 files changed, 9 insertions, 5 deletions
diff --git a/sys/ufs/ufs/ufs_vnops.c b/sys/ufs/ufs/ufs_vnops.c
index 971fce1f7f7d..1b461bdae8b8 100644
--- a/sys/ufs/ufs/ufs_vnops.c
+++ b/sys/ufs/ufs/ufs_vnops.c
@@ -645,13 +645,17 @@ ufs_chmod(vp, mode, cred, td)
/*
* Privileged processes may set the sticky bit on non-directories,
* as well as set the setgid bit on a file with a group that the
- * process is not a member of.
+ * process is not a member of. Both of these are allowed in
+ * jail(8).
*/
- if (suser_cred(cred, PRISON_ROOT)) {
- if (vp->v_type != VDIR && (mode & S_ISTXT))
+ if (vp->v_type != VDIR && (mode & S_ISTXT)) {
+ if (suser_cred(cred, PRISON_ROOT))
return (EFTYPE);
- if (!groupmember(ip->i_gid, cred) && (mode & ISGID))
- return (EPERM);
+ }
+ if (!groupmember(ip->i_gid, cred) && (mode & ISGID)) {
+ error = suser_cred(cred, PRISON_ROOT);
+ if (error)
+ return (error);
}
ip->i_mode &= ~ALLPERMS;
ip->i_mode |= (mode & ALLPERMS);
generated by cgit v1.2.3 (git 2.25.1) at 2024-09-21 12:18:03 +0000