Date: Mon, 4 Jul 2005 11:05:37 GMT From: Robert Watson <rwatson@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 79532 for review Message-ID: <200507041105.j64B5b7t095379@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=79532 Change 79532 by rwatson@rwatson_paprika on 2005/07/04 11:05:08 Loading of VFS-related kernel modules has moved to vfs_init.c, so restore the conversation of a suser() check to cap_check() lost during integrate. Affected files ... .. //depot/projects/trustedbsd/sebsd/sys/kern/vfs_init.c#10 edit Differences ... ==== //depot/projects/trustedbsd/sebsd/sys/kern/vfs_init.c#10 (text+ko) ==== @@ -39,6 +39,7 @@ #include <sys/param.h> #include <sys/systm.h> +#include <sys/capability.h> #include <sys/kernel.h> #include <sys/linker.h> #include <sys/mount.h> @@ -115,7 +116,7 @@ return (vfsp); /* Only load modules for root (very important!). */ - *error = suser(td); + *error = cap_check(td, CAP_SYS_MODULE); if (*error) return (NULL); *error = securelevel_gt(td->td_ucred, 0);
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200507041105.j64B5b7t095379>