X-Git-Url: https://scm.lunaixsky.com/lunaix-os.git/blobdiff_plain/34f6af4f61e0eec9c96113e07f140b609b4113c8..b297c96099a08a9f2b7e20e80a8f43515fabd714:/lunaix-os/kernel/exe/exec.c?ds=sidebyside

diff --git a/lunaix-os/kernel/exe/exec.c b/lunaix-os/kernel/exe/exec.c
index 0dace13..5ac00b3 100644
--- a/lunaix-os/kernel/exe/exec.c
+++ b/lunaix-os/kernel/exe/exec.c
@@ -202,6 +202,7 @@ exec_load(struct exec_host* container, struct v_file* executable)
     }
 
     save_process_cmd(proc, argv);
+    container->inode = executable->inode;
     
     errno = load_executable(&container->exe, executable);
     if (errno) {
@@ -223,7 +224,8 @@ exec_load_byname(struct exec_host* container, const char* filename)
         goto done;
     }
 
-    if ((errno = vfs_open(dnode, &file))) {
+    if (!check_allow_execute(dnode->inode)) {
+        errno = EPERM;
         goto done;
     }
 
@@ -231,6 +233,10 @@ exec_load_byname(struct exec_host* container, const char* filename)
         errno = EISDIR;
         goto done;
     }
+    
+    if ((errno = vfs_open(dnode, &file))) {
+        goto done;
+    }
 
     errno = exec_load(container, file);
 
@@ -280,6 +286,7 @@ __DEFINE_LXSYSCALL3(int,
                     envp[])
 {
     int errno = 0;
+    int acl;
     struct exec_host container;
 
     if (!argv || !envp) {
@@ -303,6 +310,15 @@ __DEFINE_LXSYSCALL3(int,
     signal_reset_context(&current_thread->sigctx);
     signal_reset_registry(__current->sigreg);
 
+    acl = container.inode->acl;
+    if (fsacl_test(acl, suid)) {
+        current_set_euid(container.inode->uid);
+    }
+
+    if (fsacl_test(acl, sgid)) {
+        current_set_egid(container.inode->gid);
+    }
+
 done:
     // set return value
     store_retval(DO_STATUS(errno));