Date: Thu, 21 Mar 2002 18:28:26 -0800 (PST) From: Robert Watson <rwatson@FreeBSD.org> To: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: cvs commit: src/sys/kern kern_prot.c Message-ID: <200203220228.g2M2SRL92598@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
rwatson 2002/03/21 18:28:26 PST
Modified files:
sys/kern kern_prot.c
Log:
Break out the "see_other_uids" policy check from the various
method-based inter-process security checks. To do this, introduce
a new cr_seeotheruids(u1, u2) function, which encapsulates the
"see_other_uids" logic. Call out to this policy following the
jail security check for all of {debug,sched,see,signal} inter-process
checks. This more consistently enforces the check, and makes the
check easy to modify. Eventually, it may be that this check should
become a MAC policy, loaded via a module.
Obtained from: TrustedBSD Project
Sponsored by: DARPA, NAI Labs
Revision Changes Path
1.142 +28 -4 src/sys/kern/kern_prot.c
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200203220228.g2M2SRL92598>