Date: Sat, 27 Jul 2002 19:47:21 -0700 (PDT) From: Robert Watson <rwatson@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 15029 for review Message-ID: <200207280247.g6S2lLVS003326@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://people.freebsd.org/~peter/p4db/chv.cgi?CH=15029 Change 15029 by rwatson@rwatson_paprika on 2002/07/27 19:46:50 mac_bsdextended doesn't implement inter-process/credential checks, so don't include stubs for those entry points. Affected files ... .. //depot/projects/trustedbsd/mac/sys/security/mac_bsdextended/mac_bsdextended.c#46 edit Differences ... ==== //depot/projects/trustedbsd/mac/sys/security/mac_bsdextended/mac_bsdextended.c#46 (text+ko) ==== @@ -690,70 +690,12 @@ return (mac_bsdextended_check(cred, vap.va_uid, vap.va_gid, VSTAT)); } -static int -mac_bsdextended_check_see_cred(struct ucred *u1, struct ucred *u2) -{ - - if (!mac_bsdextended_enabled) - return (0); - - return (0); -} - -static int -mac_bsdextended_check_see_socket(struct ucred *cred, struct socket *socket) -{ - - if (!mac_bsdextended_enabled) - return (0); - - return (0); -} - -static int -mac_bsdextended_cred_cantouch(struct ucred *cred, struct proc *proc) -{ - - if (!mac_bsdextended_enabled) - return (0); - - return (0); -} - -static int -mac_bsdextended_check_signal_proc(struct ucred *cred, struct proc *proc, - int signum) -{ - - return (mac_bsdextended_cred_cantouch(cred, proc)); -} - -static int -mac_bsdextended_check_sched_proc(struct ucred *cred, struct proc *proc) -{ - - return (mac_bsdextended_cred_cantouch(cred, proc)); -} - -static int -mac_bsdextended_check_debug_proc(struct ucred *cred, struct proc *proc) -{ - - return (mac_bsdextended_cred_cantouch(cred, proc)); -} - static struct mac_policy_op_entry mac_bsdextended_ops[] = { { MAC_DESTROY, (macop_t)mac_bsdextended_destroy }, { MAC_INIT, (macop_t)mac_bsdextended_init }, - { MAC_CHECK_SEE_CRED, - (macop_t)mac_bsdextended_check_see_cred }, - { MAC_CHECK_SEE_SOCKET, - (macop_t)mac_bsdextended_check_see_socket }, - { MAC_CHECK_DEBUG_PROC, - (macop_t)mac_bsdextended_check_debug_proc }, { MAC_CHECK_ACCESS_VNODE, (macop_t)mac_bsdextended_check_access_vnode }, { MAC_CHECK_CHDIR_VNODE, @@ -798,10 +740,6 @@ (macop_t)mac_bsdextended_check_setowner_vnode }, { MAC_CHECK_SETUTIMES_VNODE, (macop_t)mac_bsdextended_check_setutimes_vnode }, - { MAC_CHECK_SCHED_PROC, - (macop_t)mac_bsdextended_check_sched_proc }, - { MAC_CHECK_SIGNAL_PROC, - (macop_t)mac_bsdextended_check_signal_proc }, { MAC_CHECK_STAT_VNODE, (macop_t)mac_bsdextended_check_stat_vnode }, { MAC_OP_LAST, NULL } To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe p4-projects" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200207280247.g6S2lLVS003326>