Date: Fri, 1 Dec 2006 12:58:59 GMT From: Robert Watson <rwatson@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 110795 for review Message-ID: <200612011258.kB1CwxgZ076790@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=110795 Change 110795 by rwatson@rwatson_zoo on 2006/12/01 12:58:27 Revert branch-local changes in kern_priv.c. Affected files ... .. //depot/projects/trustedbsd/priv/sys/kern/kern_priv.c#5 integrate Differences ... ==== //depot/projects/trustedbsd/priv/sys/kern/kern_priv.c#5 (text+ko) ==== @@ -26,7 +26,7 @@ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * - * $FreeBSD$ + * $FreeBSD: src/sys/kern/kern_priv.c,v 1.1 2006/11/06 13:37:17 rwatson Exp $ */ #include "opt_mac.h" @@ -43,15 +43,13 @@ /* * `suser_enabled' (which can be set by the security.bsd.suser_enabled - * sysctl) determines whether the system 'super-user' policy is in effect. - * If it is nonzero, an effective uid of 0 connotes special privilege, + * sysctl) determines whether the system 'super-user' policy is in effect. If + * it is nonzero, an effective uid of 0 connotes special privilege, * overriding many mandatory and discretionary protections. If it is zero, * uid 0 is offered no special privilege in the kernel security policy. - * Setting it to zero may seriously impact the functionality of many - * existing userland programs, and should not be done without careful - * consideration of the consequences. - * - * XXXRW: Update this comment as needed. + * Setting it to zero may seriously impact the functionality of many existing + * userland programs, and should not be done without careful consideration of + * the consequences. */ int suser_enabled = 1; SYSCTL_INT(_security_bsd, OID_AUTO, suser_enabled, CTLFLAG_RW, @@ -86,9 +84,11 @@ * once the SUSER_ALLOWJAIL flag has gone away. */ error = prison_priv_check(cred, priv); +#ifdef NOTYET KASSERT(!jailed(cred) || error == ((flags & SUSER_ALLOWJAIL) ? 0 : EPERM), ("priv_check_cred: prison_priv_check %d but flags %s", error, flags & SUSER_ALLOWJAIL ? "allowjail" : "!allowjail")); +#endif if (error) return (error); @@ -100,7 +100,7 @@ * * Superuser policy grants privilege based on the effective (or in * certain edge cases, real) uid being 0. We allow the policy to be - * globally disabled, although this is currently of limited uility. + * globally disabled, although this is currently of limited utility. */ if (suser_enabled) { if (flags & SUSER_RUID) { @@ -134,8 +134,8 @@ /* * Historical suser() wrapper functions, which now simply request PRIV_ROOT. - * These will be removed in the near future, and exist solely because the - * list of global privileges is not yet complete. + * These will be removed in the near future, and exist solely because + * the kernel and modules are not yet fully adapted to the new model. */ int suser_cred(struct ucred *cred, int flags)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200612011258.kB1CwxgZ076790>