D40627.diff
No OneTemporary
Actions

Size

1 KB

Referenced Files

None

Subscribers

None

D40627.diff
View Options

	diff --git a/sys/kern/kern_prot.c b/sys/kern/kern_prot.c
	--- a/sys/kern/kern_prot.c
	+++ b/sys/kern/kern_prot.c
	@@ -1434,6 +1434,25 @@
	return (ESRCH);
	}

	+/*
	+ * Helper for cr_cansee() functions to abide by system-wide security.bsd.see_
	+ * policies. Determines if u1 "can see" u2 according to these policies.
	+ * Returns: 0 for permitted, ESRCH otherwise
	+ */
	+int
	+cr_bsd_visible(struct ucred u1, struct ucred u2)
	+{
	+ int error;
	+
	+ if ((error = cr_canseeotheruids(u1, u2)))
	+ return (error);
	+ if ((error = cr_canseeothergids(u1, u2)))
	+ return (error);
	+ if ((error = cr_canseejailproc(u1, u2)))
	+ return (error);
	+ return (0);
	+}
	+
	/*-
	* Determine if u1 "can see" the subject specified by u2.
	* Returns: 0 for permitted, an errno value otherwise
	diff --git a/sys/sys/proc.h b/sys/sys/proc.h
	--- a/sys/sys/proc.h
	+++ b/sys/sys/proc.h
	@@ -1163,6 +1163,7 @@
	void ast_unsched_locked(struct thread *td, int tda);

	struct thread *choosethread(void);
	+int cr_bsd_visible(struct ucred u1, struct ucred u2);
	int cr_cansee(struct ucred u1, struct ucred u2);
	int cr_canseesocket(struct ucred cred, struct socket so);
	int cr_canseeothergids(struct ucred u1, struct ucred u2);