: :There are certainly many more of these problems. We need to address those before we roll 2.4.1. I think we should audit all calls to VOP_ACCESS. Also, I suggest creating VOP_RACCESS, removing VOP_EACCESS and making :the effective id check default in VOP_ACCESS, since most permission checks in the kernel refer to the effective ids, and only select ones deal with the real ids. : :cheers : simon There are only 6 calls to VOP_ACCESS() left. They should be easy to audit. I do want to build the iso's this evening if possible so they can propagate to the mirrors overnight. I don't want to switch around the meaning again but I am in favor of not having a VOP_ACCESS() macro at all and forcing callers to explicitly use VOP_RACCESS() or VOP_EACCESS(). -Matt Matthew Dillon <dillon@backplane.com>