Kernel: Use real UID/GID when checking for file access

This aligns the rest of the system with POSIX, who says that access(2)
must check against the real UID and GID, not effective ones.

1 files changed, 9 insertions, 6 deletions

diff --git a/Kernel/FileSystem/InodeMetadata.cpp b/Kernel/FileSystem/InodeMetadata.cpp
index fc70ad8b7f..5ac40e7eba 100644
--- a/Kernel/FileSystem/InodeMetadata.cpp
+++ b/Kernel/FileSystem/InodeMetadata.cpp
@@ -9,19 +9,22 @@
 
 namespace Kernel {
 
-bool InodeMetadata::may_read(Credentials const& credentials) const
+bool InodeMetadata::may_read(Credentials const& credentials, UseEffectiveIDs use_effective_ids) const
 {
-    return may_read(credentials.euid(), credentials.egid(), credentials.extra_gids());
+    bool eids = use_effective_ids == UseEffectiveIDs::Yes;
+    return may_read(eids ? credentials.euid() : credentials.uid(), eids ? credentials.egid() : credentials.gid(), credentials.extra_gids());
 }
 
-bool InodeMetadata::may_write(Credentials const& credentials) const
+bool InodeMetadata::may_write(Credentials const& credentials, UseEffectiveIDs use_effective_ids) const
 {
-    return may_write(credentials.euid(), credentials.egid(), credentials.extra_gids());
+    bool eids = use_effective_ids == UseEffectiveIDs::Yes;
+    return may_write(eids ? credentials.euid() : credentials.uid(), eids ? credentials.egid() : credentials.gid(), credentials.extra_gids());
 }
 
-bool InodeMetadata::may_execute(Credentials const& credentials) const
+bool InodeMetadata::may_execute(Credentials const& credentials, UseEffectiveIDs use_effective_ids) const
 {
-    return may_execute(credentials.euid(), credentials.egid(), credentials.extra_gids());
+    bool eids = use_effective_ids == UseEffectiveIDs::Yes;
+    return may_execute(eids ? credentials.euid() : credentials.uid(), eids ? credentials.egid() : credentials.gid(), credentials.extra_gids());
 }
 
 }