Diffusion FreeBSD src repository 768fe2300987

New cr_bsd_visible(): Whether BSD policies deny seeing subjects/objects
768fe2300987
Actions

Description

New cr_bsd_visible(): Whether BSD policies deny seeing subjects/objects

This is a new helper function that leverages existing code: It calls
successively cr_canseeotheruids(), cr_canseeothergids() and
cr_canseejailproc() (as long as the previous didn't deny access). Will
be used in a subsequent commit.

Approved by: re (gjb)
Reviewed by: mhorne
Sponsored by: Kumacom SAS
Differential Revision: https://reviews.freebsd.org/D40627

(cherry picked from commit e4a7b4f99cfd4931468c0866da4ae8b49cf5badb)
(cherry picked from commit 4a78431a52e9e65c6181a943bca2430633350db1)

Details

Provenance

olce	Authored on Aug 17 2023, 11:54 PM
mhorne	Committed on Oct 18 2023, 5:59 PM

Reviewer

mhorne

Differential Revision

D40627: New cr_bsd_visible(): Whether BSD policies deny seeing subjects/objects

Parents

rG63c01c18a8d3: cr_canseejailproc(): New privilege, no direct check for UID 0

Branches

Unknown

Tags

Unknown

Event Timeline

mhorne committed rG768fe2300987: New cr_bsd_visible(): Whether BSD policies deny seeing subjects/objects (authored by olce).Oct 18 2023, 5:59 PM

mhorne added an edge: D40627: New cr_bsd_visible(): Whether BSD policies deny seeing subjects/objects.Oct 18 2023, 6:04 PM

Changes (2)

Path

Size

sys/

kern/

kern_prot.c

sys/

proc.h

rG768fe2300987

View Options

sys/kern/kern_prot.c