fix capabilities in write and execute case

Change-Id: Ic9abc53cd0aafa1fd6272fab8191493c609ea995
2021-04-16 17:33:40 +08:00 · 2021-04-16 17:33:40 +08:00 · c6b898ea30
parent 62e708c70f
commit c6b898ea30
1 changed files with 5 additions and 4 deletions
--- a/fs/vfs/operation/fs_other.c
+++ b/fs/vfs/operation/fs_other.c
@ -107,20 +107,21 @@ int VfsPermissionCheck(uint fuid, uint fgid, uint fileMode, int accMode)

    tmpMode = 0;
    if (S_ISDIR(fileMode)) {
-        if (((uint)accMode & EXEC_OP) && (IsCapPermit(CAP_DAC_READ_SEARCH))) {
+        if (IsCapPermit(CAP_DAC_EXECUTE)
+            || (!((uint)accMode & WRITE_OP) && IsCapPermit(CAP_DAC_READ_SEARCH))) {
            tmpMode |= EXEC_OP;
        }
    } else {
-        if (((uint)accMode & EXEC_OP) && (IsCapPermit(CAP_DAC_EXECUTE)) && (fileMode & MODE_IXUGO)) {
+        if (IsCapPermit(CAP_DAC_EXECUTE) && (fileMode & MODE_IXUGO)) {
            tmpMode |= EXEC_OP;
        }
    }

-    if (((uint)accMode & WRITE_OP) && IsCapPermit(CAP_DAC_WRITE)) {
+    if (IsCapPermit(CAP_DAC_WRITE)) {
        tmpMode |= WRITE_OP;
    }

-    if (((uint)accMode & READ_OP) && IsCapPermit(CAP_DAC_READ_SEARCH)) {
+    if (IsCapPermit(CAP_DAC_READ_SEARCH)) {
        tmpMode |= READ_OP;
    }