Merge release-20200115.0-72-g5ab1213 (automated)

author: gVisor bot <gvisor-bot@google.com> 2020-01-22 20:41:58 +0000
committer: gVisor bot <gvisor-bot@google.com> 2020-01-22 20:41:58 +0000
commit: a5d71b6b3ff4f91d06dca8dc0d674379d0832882 (patch)
tree: 5ce20658e4a3e72ef22e64bf0f87e94ef197a08b /pkg/sentry/vfs/permissions.go
parent: c1696dd8d4d4b4a1ade5be05169fb006b1f7bb6a (diff)
parent: 5ab1213a6c405071546c783d6d93b4e9af52842e (diff)
1 files changed, 2 insertions, 3 deletions
diff --git a/pkg/sentry/vfs/permissions.go b/pkg/sentry/vfs/permissions.go
index d279d05ca..f664581f4 100755
--- a/pkg/sentry/vfs/permissions.go
+++ b/pkg/sentry/vfs/permissions.go
@@ -94,14 +94,13 @@ func GenericCheckPermissions(creds *auth.Credentials, ats AccessTypes, isDir boo
 // the set of accesses permitted for the opened file:
 //
 // - O_TRUNC causes MayWrite to be set in the returned AccessTypes (since it
-// mutates the file), but does not permit the opened to write to the file
+// mutates the file), but does not permit writing to the open file description
 // thereafter.
 //
 // - "Linux reserves the special, nonstandard access mode 3 (binary 11) in
 // flags to mean: check for read and write permission on the file and return a
 // file descriptor that can't be used for reading or writing." - open(2). Thus
-// AccessTypesForOpenFlags returns MayRead|MayWrite in this case, but
-// filesystems are responsible for ensuring that access is denied.
+// AccessTypesForOpenFlags returns MayRead|MayWrite in this case.
 //
 // Use May{Read,Write}FileWithOpenFlags() for these checks instead.
 func AccessTypesForOpenFlags(flags uint32) AccessTypes {
author	gVisor bot <gvisor-bot@google.com>	2020-01-22 20:41:58 +0000
committer	gVisor bot <gvisor-bot@google.com>	2020-01-22 20:41:58 +0000
commit	a5d71b6b3ff4f91d06dca8dc0d674379d0832882 (patch)
tree	5ce20658e4a3e72ef22e64bf0f87e94ef197a08b /pkg/sentry/vfs/permissions.go
parent	c1696dd8d4d4b4a1ade5be05169fb006b1f7bb6a (diff)
parent	5ab1213a6c405071546c783d6d93b4e9af52842e (diff)