From 71a1d11a81faba020649408e8c9eaeb10095a341 Mon Sep 17 00:00:00 2001
From: cinap_lenrek <cinap_lenrek@felloff.net>
Date: Sat, 21 Sep 2019 23:36:44 +0200
Subject: cmd/ip/*: chown the network connection after authentication

for servers that handle incoming network connections and authentication,
change the owner of the network connection file to the authenticated user
after successfull authentication.

note that we set the permissions as well to 0660 because old devip used
to unconditionally set the bits.
---
 sys/src/cmd/exportfs/exportfs.c | 7 +++++++
 1 file changed, 7 insertions(+)

(limited to 'sys/src/cmd/exportfs')

diff --git a/sys/src/cmd/exportfs/exportfs.c b/sys/src/cmd/exportfs/exportfs.c
index 7fac15ba3..275151a6c 100644
--- a/sys/src/cmd/exportfs/exportfs.c
+++ b/sys/src/cmd/exportfs/exportfs.c
@@ -187,6 +187,13 @@ main(int argc, char **argv)
 			fatal("exportfs by none disallowed");
 		if(auth_chuid(ai, nsfile) < 0)
 			fatal("auth_chuid: %r");
+		else {	/* chown network connection */
+			Dir nd;
+			nulldir(&nd);
+			nd.mode = 0660;
+			nd.uid = ai->cuid;
+			dirfwstat(0, &nd);
+		}
 		putenv("service", "exportfs");
 	}
 
-- 
cgit v1.2.3