Only disclose generation number to root.

diff --git a/sys/kern/kern_descrip.c b/sys/kern/kern_descrip.c
index a582976..cd0d7d6 100644 (file)
--- a/sys/kern/kern_descrip.c
+++ b/sys/kern/kern_descrip.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: kern_descrip.c,v 1.9 1996/10/28 00:42:30 tholo Exp $  */
+/*     $OpenBSD: kern_descrip.c,v 1.10 1997/01/25 00:27:30 dm Exp $    */
 /*     $NetBSD: kern_descrip.c,v 1.42 1996/03/30 22:24:38 christos Exp $       */
 
 /*
@@ -427,6 +427,10 @@ sys_fstat(p, v, retval)
 
        case DTYPE_VNODE:
                error = vn_stat((struct vnode *)fp->f_data, &ub, p);
+               /* Don't let non-root see generation numbers
+                  (for NFS security) */
+               if (suser(p->p_ucred, &p->p_acflag))
+                       ub.st_gen = 0;
                break;
 
        case DTYPE_SOCKET:

diff --git a/sys/kern/vfs_syscalls.c b/sys/kern/vfs_syscalls.c
index e377f94..d2c14f3 100644 (file)
--- a/sys/kern/vfs_syscalls.c
+++ b/sys/kern/vfs_syscalls.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: vfs_syscalls.c,v 1.18 1997/01/02 12:20:40 mickey Exp $        */
+/*     $OpenBSD: vfs_syscalls.c,v 1.19 1997/01/25 00:27:31 dm Exp $    */
 /*     $NetBSD: vfs_syscalls.c,v 1.71 1996/04/23 10:29:02 mycroft Exp $        */
 
 /*
@@ -1258,6 +1258,9 @@ sys_stat(p, v, retval)
        vput(nd.ni_vp);
        if (error)
                return (error);
+       /* Don't let non-root see generation numbers (for NFS security) */
+       if (suser(p->p_ucred, &p->p_acflag))
+               sb.st_gen = 0;
        error = copyout((caddr_t)&sb, (caddr_t)SCARG(uap, ub), sizeof (sb));
        return (error);
 }
@@ -1288,6 +1291,9 @@ sys_lstat(p, v, retval)
        vput(nd.ni_vp);
        if (error)
                return (error);
+       /* Don't let non-root see generation numbers (for NFS security) */
+       if (suser(p->p_ucred, &p->p_acflag))
+               sb.st_gen = 0;
        error = copyout((caddr_t)&sb, (caddr_t)SCARG(uap, ub), sizeof (sb));
        return (error);
 }