From ee6493d02eaf8cb693e76541b86ba3434fe95eb0 Mon Sep 17 00:00:00 2001
From: Joshua Abraham <sinisterpatrician@gmail.com>
Date: Fri, 19 Mar 2021 14:06:38 -0500
Subject: [PATCH] UserScheme: permission check EUID and EGID before proceeding
 with chown

Fixes redox#1327.
---
 src/scheme/user.rs | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/src/scheme/user.rs b/src/scheme/user.rs
index bac2a50..b62e581 100644
--- a/src/scheme/user.rs
+++ b/src/scheme/user.rs
@@ -350,6 +350,17 @@ impl Scheme for UserScheme {
     }
 
     fn fchown(&self, file: usize, uid: u32, gid: u32) -> Result<usize> {
+        {
+            let contexts = context::contexts();
+            let context_lock = contexts.current().ok_or(Error::new(ESRCH))?;
+            let context = context_lock.read();
+            if context.euid != 0 {
+                if uid != context.euid || gid != context.egid {
+                    return Err(Error::new(EPERM));
+                }
+            }
+        }
+
         let inner = self.inner.upgrade().ok_or(Error::new(ENODEV))?;
         inner.call(SYS_FCHOWN, file, uid as usize, gid as usize)
     }