Date: Thu, 28 Sep 2023 15:10:53 GMT From: Mitchell Horne <mhorne@FreeBSD.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org Subject: git: 0452dd841336 - main - cr_canseeothergids(): Policy change's manual pages impact Message-ID: <202309281510.38SFArFg047932@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help
The branch main has been updated by mhorne: URL: https://cgit.FreeBSD.org/src/commit/?id=0452dd841336cea7cd979b13ef12b6ea5e992eff commit 0452dd841336cea7cd979b13ef12b6ea5e992eff Author: Olivier Certner <olce.freebsd@certner.fr> AuthorDate: 2023-08-17 23:54:46 +0000 Commit: Mitchell Horne <mhorne@FreeBSD.org> CommitDate: 2023-09-28 15:05:46 +0000 cr_canseeothergids(): Policy change's manual pages impact See previous commit that made cr_canseeothergids() use the new realgroupmember() function, taking into account real group IDs instead of effective ones. PR: 272093 Reviewed by: pauamma_gundo.com, mhorne MFC after: 2 weeks Sponsored by: Kumacom SAS Differential Revision: https://reviews.freebsd.org/D40644 --- share/man/man9/cr_bsd_visible.9 | 2 +- share/man/man9/cr_canseeothergids.9 | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/share/man/man9/cr_bsd_visible.9 b/share/man/man9/cr_bsd_visible.9 index bd676e6f5705..f2d42f3835dc 100644 --- a/share/man/man9/cr_bsd_visible.9 +++ b/share/man/man9/cr_bsd_visible.9 @@ -97,7 +97,7 @@ and are not members of any common group .Po as determined by -.Xr groupmember 9 +.Xr realgroupmember 9 .Pc . .It Bq Er ESRCH Credentials diff --git a/share/man/man9/cr_canseeothergids.9 b/share/man/man9/cr_canseeothergids.9 index f0c1e5c4e726..109d41a8545d 100644 --- a/share/man/man9/cr_canseeothergids.9 +++ b/share/man/man9/cr_canseeothergids.9 @@ -48,9 +48,9 @@ This function checks if a subject associated to credentials is denied seeing a subject or object associated to credentials .Fa u2 by a policy that requires both credentials to have at least one group in common. -For this determination, the effective and supplementary group IDs are used, but -not the real group IDs, as per -.Xr groupmember 9 . +For this determination, the real and supplementary group IDs are used, but +not the effective group IDs, as per +.Xr realgroupmember 9 . .Pp This policy is active if and only if the .Xr sysctl 8 @@ -79,5 +79,5 @@ Otherwise, it returns .Er ESRCH . .Sh SEE ALSO .Xr cr_bsd_visible 9 , -.Xr groupmember 9 , +.Xr realgroupmember 9 , .Xr priv_check_cred 9
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202309281510.38SFArFg047932>