Finder comingles vnode create permissions with delete permissions
| Originator: | shadow | ||
| Number: | rdar://7754301 | Date Originated: | 3/15/2010 |
| Status: | open | Resolved: | |
| Product: | MacOS X | Product Version: | 10.6.2 (10C540) |
| Classification: | UI/Usability | Reproducible: | yes |
Summary: Providing support for an insert-only (no delete) dropbox in a VFS-providing kext appears to require lying to finder about offering delete permissions. Steps to Reproduce: Create a directory in a filesystem which will respond affirmative for KAUTH_VNODE_ADD_FILE and KAUTH_VNODE_ADD_SUBDIRECTORY but not for KAUTH_VNODE_DELETE_CHILD. Expected Results: To be allowed to drag files/directories into the directory. Actual Results: Got the "do not enter" sign. Regression: I have only tried this on versions of 10.6. It fails consistently. mv or cp from the command line work fine. Notes: Hooking our access vnop I see that KAUTH_VNODE_ADD_FILE, KAUTH_VNODE_ADD_SUBDIRECTORY, KAUTH_VNODE_DELETE_CHILD are only checked for all together; If I lie and don't say KAUTH_VNODE_DELETE_CHILD isn't supported, but instead only return errors when an unlink is attempted, I can then insert files into the dropbox.
Comments
Please note: Reports posted here will not necessarily be seen by Apple. All problems should be submitted at bugreport.apple.com before they are posted here. Please only post information for Radars that you have filed yourself, and please do not include Apple confidential information in your posts. Thank you!