Date: Tue, 3 Oct 2006 07:50:17 GMT From: Robert Watson <rwatson@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 107146 for review Message-ID: <200610030750.k937oHDa025937@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=107146 Change 107146 by rwatson@rwatson_peppercorn on 2006/10/03 07:50:08 Update alpha for priv(9), as alpha does not exist in 7-CURRENT. Affected files ... .. //depot/projects/trustedbsd/priv6/src/sys/alpha/alpha/promcons.c#2 edit .. //depot/projects/trustedbsd/priv6/src/sys/alpha/alpha/sys_machdep.c#2 edit .. //depot/projects/trustedbsd/priv6/src/sys/alpha/osf1/osf1_misc.c#2 edit Differences ... ==== //depot/projects/trustedbsd/priv6/src/sys/alpha/alpha/promcons.c#2 (text+ko) ==== @@ -36,6 +36,7 @@ #include <sys/bus.h> #include <sys/conf.h> #include <sys/tty.h> +#include <sys/priv.h> #include <sys/proc.h> #include <sys/cons.h> @@ -111,7 +112,8 @@ ttsetwater(tp); setuptimeout = 1; - } else if ((tp->t_state & TS_XCLUDE) && suser(td)) { + } else if ((tp->t_state & TS_XCLUDE) && + priv_check(td, PRIV_TTY_EXCLUSIVE)) { splx(s); return EBUSY; } ==== //depot/projects/trustedbsd/priv6/src/sys/alpha/alpha/sys_machdep.c#2 (text+ko) ==== @@ -39,6 +39,7 @@ #include <sys/lock.h> #include <sys/mac.h> #include <sys/mutex.h> +#include <sys/priv.h> #include <sys/proc.h> #include <sys/sysent.h> #include <sys/sysproto.h> @@ -124,7 +125,7 @@ if (error) return (error); - error = suser(td); + error = priv_check(td, PRIV_IO); if (error) return (error); ==== //depot/projects/trustedbsd/priv6/src/sys/alpha/osf1/osf1_misc.c#2 (text+ko) ==== @@ -49,6 +49,7 @@ #include <sys/mutex.h> #include <sys/namei.h> #include <sys/param.h> +#include <sys/priv.h> #include <sys/proc.h> #include <sys/reboot.h> #include <sys/resource.h> @@ -902,12 +903,15 @@ PROC_LOCK(p); oldcred = p->p_ucred; - if ((error = suser_cred(p->p_ucred, SUSER_ALLOWJAIL)) != 0 && - uid != oldcred->cr_ruid && uid != oldcred->cr_svuid) { - PROC_UNLOCK(p); - uifree(uip); - crfree(newcred); - return (error); + if (uid != oldcred->cr_ruid && uid != oldcred->cr_svuid) { + error = priv_check_cred(p->p_ucred, PRIV_SETUID, + SUSER_ALLOWJAIL); + if (error) { + PROC_UNLOCK(p); + uifree(uip); + crfree(newcred); + return (error); + } } crcopy(newcred, oldcred); @@ -956,11 +960,14 @@ PROC_LOCK(p); oldcred = p->p_ucred; - if (((error = suser_cred(p->p_ucred, SUSER_ALLOWJAIL)) != 0 ) && - gid != oldcred->cr_rgid && gid != oldcred->cr_svgid) { - PROC_UNLOCK(p); - crfree(newcred); - return (error); + if (gid != oldcred->cr_rgid && gid != oldcred->cr_svgid) { + error = priv_check_cred(p->p_ucred, PRIV_SETGID, + SUSER_ALLOWJAIL); + if (error) { + PROC_UNLOCK(p); + crfree(newcred); + return (error); + } } crcopy(newcred, oldcred);
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200610030750.k937oHDa025937>