Basic File Privileges [PSARC/2009/378 FastTrack timeout 7/10/2009]

Casper Dik casper at sac.sfbay.sun.com
Fri Jul 3 05:45:14 PDT 2009 

Template Version: @(#)sac_nextcase 1.68 02/23/09 SMI
This information is Copyright 2009 Sun Microsystems
1. Introduction
    1.1. Project/Component Working Name:
	 Basic File Privileges
    1.2. Name of Document Author/Supplier:
	 Author:  Casper Dik
    1.3  Date of This Document:
	03 July, 2009
4. Technical Description
I'm sponsoring this fasttrack for myself.

This project proposes two new "basic" privileges.

FILE_READ
        Allows a process to read a file or directory whose
        permission or ACL allow the process read permission.

FILE_WRITE
        Allows a process to write a file or directory whose
        permission or ACL allow the process write permission.

The purpose of these privileges is the ability to create a
"read-only" (no FILE_WRITE privilege) and a "write-only" (no FILE_READ
privilege) process.

The FILE_WRITE basic privilege is required for any modification
to a file or directory: open(2), creat(2), link(2), symlink(2),
rename(2), unlink(2), mkdir(2), rmdir(2), mknod(2) etc.

The FILE_READ basic privilege is required for opening a file
with O_RDONLY or O_RDWR.

Note: a "basic" privilege is a privilege which is part of the
default I, P and E privilege set.

--- open.2      Fri Jul  3 11:27:25 2009
+++ open.2.new  Fri Jul  3 11:51:58 2009
@@ -288,6 +288,11 @@
                      to open files for reading regardless  of  permis-
                      sion bits.
 
+                    To open a file for reading or writing,
+                    the basic privileges {PRIV_FILE_READ} and
+                    {PRIV_FILE_WRITE} need to be asserted in the
+                    effective set, respectively.
+
      EAGAIN          A  mandatory  share  reservation  could  not   be
                      obtained  because  the  desired  access conflicts
                      with an existing f_deny share reservation.
--- privileges.5        Thu Jul  2 17:41:57 2009
+++ privileges.5.new    Thu Jul  2 18:58:36 2009
@@ -101,6 +101,14 @@
          privileges are required to write files owned by UID 0 in  the
          absence of an effective UID of 0.
 
+     PRIV_FILE_READ
+        Allows a process to read a file or directory whose
+        permission or ACL allow the process read permission.
+
+     PRIV_FILE_WRITE
+        Allows a process to write a file or directory whose
+        permission or ACL allow the process write permission.
+
      PRIV_FILE_DOWNGRADE_SL
 
          Allow a process to set the sensitivity label  of  a  file  or

6. Resources and Schedule
    6.4. Steering Committee requested information
   	6.4.1. Consolidation C-team Name:
		ON
    6.5. ARC review type: FastTrack
    6.6. ARC Exposure: open

More information about the opensolaris-arc mailing list