Date: Fri, 22 Aug 2003 10:51:59 -0700 (PDT) From: Andrew Reisse To: Perforce Change Reviews Subject: PERFORCE change 36686 for review http://perforce.freebsd.org/chv.cgi?CH=36686 Change 36686 by areisse@areisse_tislabs on 2003/08/22 10:51:44 Removed mpo_check_system checks from sebsd that are covered by capabilities. Affected files ... .. //depot/projects/trustedbsd/sebsd/sys/security/sebsd/sebsd.c#17 edit Differences ... ==== //depot/projects/trustedbsd/sebsd/sys/security/sebsd/sebsd.c#17 (text+ko) ====
@@ -1632,21 +1632,7 @@ return vnode_has_perm(cred, vp, FILE__GETATTR, NULL); } -static int -sebsd_check_sysarch_ioperm(struct ucred *cred) -{ - - return(cred_has_capability(cred, CAPABILITY__SYS_RAWIO)); -} -static int -sebsd_check_system_acct(struct ucred *cred, struct vnode *vp, - struct label *vlabel) -{ - - return(cred_has_capability(cred, CAPABILITY__SYS_PACCT)); -} - /* * TBD: LSM/SELinux doesn't have a nfsd hook */ @@ -1659,20 +1645,6 @@ static int -sebsd_check_system_reboot(struct ucred *cred, int howto) -{ - - return(cred_has_capability(cred, CAPABILITY__SYS_BOOT)); -} - -static int -sebsd_check_system_settime(struct ucred *cred) -{ - - return(cred_has_capability(cred, CAPABILITY__SYS_TIME)); -} - -static int sebsd_check_system_swapon(struct ucred *cred, struct vnode *vp, struct label *vnodelabel) { @@ -1796,46 +1768,7 @@ *(struct vnode_security_struct *)SLOT(src); } -/* - * Check for permission to load KLDs, given by the overly-broad - * capability:sys_module. - */ -static int -sebsd_check_kld_load(struct ucred *cred, struct vnode *vp, - struct label *vlabel) -{ - - /* - * The vnode doesn't need to be checked here, since the read - * operations inside the kldload(2) implementation are - * individually checked against the same thread credentials. - */ - return (cred_has_capability(cred, CAPABILITY__SYS_MODULE)); -} - -/* - * Check for permission to query KLDs, given by the overly-broad - * capability:sys_module. - */ static int -sebsd_check_kld_stat(struct ucred *cred) -{ - - return (cred_has_capability(cred, CAPABILITY__SYS_MODULE)); -} - -/* - * Check for permission to unload KLDs, given by the overly-broad - * capability:sys_module. - */ -static int -sebsd_check_kld_unload(struct ucred *cred) -{ - - return (cred_has_capability(cred, CAPABILITY__SYS_MODULE)); -} - -static int sebsd_check_file_create(struct ucred *cred) { struct task_security_struct *tsec; 
@@ -2032,9 +1965,6 @@ .mpo_check_file_change_flags = sebsd_check_file_change_flags, .mpo_check_file_change_ofileflags = sebsd_check_file_change_ofileflags, .mpo_check_file_change_offset = sebsd_check_file_change_offset, - .mpo_check_kld_stat = sebsd_check_kld_stat, - .mpo_check_kld_load = sebsd_check_kld_load, - .mpo_check_kld_unload = sebsd_check_kld_unload, .mpo_check_mount_stat = sebsd_check_mount_stat, .mpo_check_pipe_ioctl = sebsd_check_pipe_ioctl, @@ -2047,11 +1977,7 @@ .mpo_check_proc_debug = sebsd_check_proc_debug, .mpo_check_proc_sched = sebsd_check_proc_sched, .mpo_check_proc_signal = sebsd_check_proc_signal, - .mpo_check_sysarch_ioperm = sebsd_check_sysarch_ioperm, - .mpo_check_system_acct = sebsd_check_system_acct, .mpo_check_system_nfsd = sebsd_check_system_nfsd, - .mpo_check_system_reboot = sebsd_check_system_reboot, - .mpo_check_system_settime = sebsd_check_system_settime, .mpo_check_system_swapon = sebsd_check_system_swapon, .mpo_check_system_swapoff = sebsd_check_system_swapoff, .mpo_check_system_sysctl = sebsd_check_system_sysctl,