xref: /minix3/external/bsd/bind/dist/lib/isc/fsaccess.c (revision 00b67f09dd46474d133c95011a48590a8e8f94c7)
1*00b67f09SDavid van Moolenbroek /*	$NetBSD: fsaccess.c,v 1.4 2014/12/10 04:37:59 christos Exp $	*/
2*00b67f09SDavid van Moolenbroek 
3*00b67f09SDavid van Moolenbroek /*
4*00b67f09SDavid van Moolenbroek  * Copyright (C) 2004, 2005, 2007  Internet Systems Consortium, Inc. ("ISC")
5*00b67f09SDavid van Moolenbroek  * Copyright (C) 2000, 2001  Internet Software Consortium.
6*00b67f09SDavid van Moolenbroek  *
7*00b67f09SDavid van Moolenbroek  * Permission to use, copy, modify, and/or distribute this software for any
8*00b67f09SDavid van Moolenbroek  * purpose with or without fee is hereby granted, provided that the above
9*00b67f09SDavid van Moolenbroek  * copyright notice and this permission notice appear in all copies.
10*00b67f09SDavid van Moolenbroek  *
11*00b67f09SDavid van Moolenbroek  * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
12*00b67f09SDavid van Moolenbroek  * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
13*00b67f09SDavid van Moolenbroek  * AND FITNESS.  IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
14*00b67f09SDavid van Moolenbroek  * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
15*00b67f09SDavid van Moolenbroek  * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
16*00b67f09SDavid van Moolenbroek  * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
17*00b67f09SDavid van Moolenbroek  * PERFORMANCE OF THIS SOFTWARE.
18*00b67f09SDavid van Moolenbroek  */
19*00b67f09SDavid van Moolenbroek 
20*00b67f09SDavid van Moolenbroek /* Id: fsaccess.c,v 1.10 2007/06/19 23:47:17 tbox Exp  */
21*00b67f09SDavid van Moolenbroek 
22*00b67f09SDavid van Moolenbroek /*! \file
23*00b67f09SDavid van Moolenbroek  * \brief
24*00b67f09SDavid van Moolenbroek  * This file contains the OS-independent functionality of the API.
25*00b67f09SDavid van Moolenbroek  */
26*00b67f09SDavid van Moolenbroek #include <isc/fsaccess.h>
27*00b67f09SDavid van Moolenbroek #include <isc/result.h>
28*00b67f09SDavid van Moolenbroek #include <isc/util.h>
29*00b67f09SDavid van Moolenbroek 
30*00b67f09SDavid van Moolenbroek /*!
31*00b67f09SDavid van Moolenbroek  * Shorthand.  Maybe ISC__FSACCESS_PERMISSIONBITS should not even be in
32*00b67f09SDavid van Moolenbroek  * <isc/fsaccess.h>.  Could check consistency with sizeof(isc_fsaccess_t)
33*00b67f09SDavid van Moolenbroek  * and the number of bits in each function.
34*00b67f09SDavid van Moolenbroek  */
35*00b67f09SDavid van Moolenbroek #define STEP		(ISC__FSACCESS_PERMISSIONBITS)
36*00b67f09SDavid van Moolenbroek #define GROUP		(STEP)
37*00b67f09SDavid van Moolenbroek #define OTHER		(STEP * 2)
38*00b67f09SDavid van Moolenbroek 
39*00b67f09SDavid van Moolenbroek void
isc_fsaccess_add(int trustee,int permission,isc_fsaccess_t * access)40*00b67f09SDavid van Moolenbroek isc_fsaccess_add(int trustee, int permission, isc_fsaccess_t *access) {
41*00b67f09SDavid van Moolenbroek 	REQUIRE(trustee <= 0x7);
42*00b67f09SDavid van Moolenbroek 	REQUIRE(permission <= 0xFF);
43*00b67f09SDavid van Moolenbroek 
44*00b67f09SDavid van Moolenbroek 	if ((trustee & ISC_FSACCESS_OWNER) != 0)
45*00b67f09SDavid van Moolenbroek 		*access |= permission;
46*00b67f09SDavid van Moolenbroek 
47*00b67f09SDavid van Moolenbroek 	if ((trustee & ISC_FSACCESS_GROUP) != 0)
48*00b67f09SDavid van Moolenbroek 		*access |= (permission << GROUP);
49*00b67f09SDavid van Moolenbroek 
50*00b67f09SDavid van Moolenbroek 	if ((trustee & ISC_FSACCESS_OTHER) != 0)
51*00b67f09SDavid van Moolenbroek 		*access |= (permission << OTHER);
52*00b67f09SDavid van Moolenbroek }
53*00b67f09SDavid van Moolenbroek 
54*00b67f09SDavid van Moolenbroek void
isc_fsaccess_remove(int trustee,int permission,isc_fsaccess_t * access)55*00b67f09SDavid van Moolenbroek isc_fsaccess_remove(int trustee, int permission, isc_fsaccess_t *access) {
56*00b67f09SDavid van Moolenbroek 	REQUIRE(trustee <= 0x7);
57*00b67f09SDavid van Moolenbroek 	REQUIRE(permission <= 0xFF);
58*00b67f09SDavid van Moolenbroek 
59*00b67f09SDavid van Moolenbroek 
60*00b67f09SDavid van Moolenbroek 	if ((trustee & ISC_FSACCESS_OWNER) != 0)
61*00b67f09SDavid van Moolenbroek 		*access &= ~permission;
62*00b67f09SDavid van Moolenbroek 
63*00b67f09SDavid van Moolenbroek 	if ((trustee & ISC_FSACCESS_GROUP) != 0)
64*00b67f09SDavid van Moolenbroek 		*access &= ~(permission << GROUP);
65*00b67f09SDavid van Moolenbroek 
66*00b67f09SDavid van Moolenbroek 	if ((trustee & ISC_FSACCESS_OTHER) != 0)
67*00b67f09SDavid van Moolenbroek 		*access &= ~(permission << OTHER);
68*00b67f09SDavid van Moolenbroek }
69*00b67f09SDavid van Moolenbroek 
70*00b67f09SDavid van Moolenbroek static isc_result_t
check_bad_bits(isc_fsaccess_t access,isc_boolean_t is_dir)71*00b67f09SDavid van Moolenbroek check_bad_bits(isc_fsaccess_t access, isc_boolean_t is_dir) {
72*00b67f09SDavid van Moolenbroek 	isc_fsaccess_t bits;
73*00b67f09SDavid van Moolenbroek 
74*00b67f09SDavid van Moolenbroek 	/*
75*00b67f09SDavid van Moolenbroek 	 * Check for disallowed user bits.
76*00b67f09SDavid van Moolenbroek 	 */
77*00b67f09SDavid van Moolenbroek 	if (is_dir)
78*00b67f09SDavid van Moolenbroek 		bits = ISC_FSACCESS_READ |
79*00b67f09SDavid van Moolenbroek 		       ISC_FSACCESS_WRITE |
80*00b67f09SDavid van Moolenbroek 		       ISC_FSACCESS_EXECUTE;
81*00b67f09SDavid van Moolenbroek 	else
82*00b67f09SDavid van Moolenbroek 		bits = ISC_FSACCESS_CREATECHILD |
83*00b67f09SDavid van Moolenbroek 		       ISC_FSACCESS_ACCESSCHILD |
84*00b67f09SDavid van Moolenbroek 		       ISC_FSACCESS_DELETECHILD |
85*00b67f09SDavid van Moolenbroek 		       ISC_FSACCESS_LISTDIRECTORY;
86*00b67f09SDavid van Moolenbroek 
87*00b67f09SDavid van Moolenbroek 	/*
88*00b67f09SDavid van Moolenbroek 	 * Set group bad bits.
89*00b67f09SDavid van Moolenbroek 	 */
90*00b67f09SDavid van Moolenbroek 	bits |= bits << STEP;
91*00b67f09SDavid van Moolenbroek 	/*
92*00b67f09SDavid van Moolenbroek 	 * Set other bad bits.
93*00b67f09SDavid van Moolenbroek 	 */
94*00b67f09SDavid van Moolenbroek 	bits |= bits << STEP;
95*00b67f09SDavid van Moolenbroek 
96*00b67f09SDavid van Moolenbroek 	if ((access & bits) != 0) {
97*00b67f09SDavid van Moolenbroek 		if (is_dir)
98*00b67f09SDavid van Moolenbroek 			return (ISC_R_NOTFILE);
99*00b67f09SDavid van Moolenbroek 		else
100*00b67f09SDavid van Moolenbroek 			return (ISC_R_NOTDIRECTORY);
101*00b67f09SDavid van Moolenbroek 	}
102*00b67f09SDavid van Moolenbroek 
103*00b67f09SDavid van Moolenbroek 	return (ISC_R_SUCCESS);
104*00b67f09SDavid van Moolenbroek }
105