From 75714419c639bff6d61120dcfa194aa22450a7bc Mon Sep 17 00:00:00 2001
From: daichi <daichi@FreeBSD.org>
Date: Mon, 22 Oct 2007 05:23:57 +0000
Subject: [PATCH] MFC: Improved access permission check treatments.

Submitted by:   Masanori Ozawa <ozawa@ongs.co.jp> (unionfs developer)
Reviewed by:    jeff, kensmith
Approved by:    re (kensmith)
---
 sys/fs/unionfs/union_subr.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/sys/fs/unionfs/union_subr.c b/sys/fs/unionfs/union_subr.c
index 887ef70af56..6156da6b1df 100644
--- a/sys/fs/unionfs/union_subr.c
+++ b/sys/fs/unionfs/union_subr.c
@@ -1110,6 +1110,12 @@ unionfs_check_rmdir(struct vnode *vp, struct ucred *cred, struct thread *td)
 		return (0);
 
 	/* open vnode */
+#ifdef MAC
+	if ((error = mac_check_vnode_open(cred, vp, VEXEC|VREAD)) != 0)
+		return (error);
+#endif
+	if ((error = VOP_ACCESS(vp, VEXEC|VREAD, cred, td)) != 0)
+		return (error);
 	if ((error = VOP_OPEN(vp, FREAD, cred, td, NULL)) != 0)
 		return (error);
 
-- 
2.45.2