Aren
/
NetBSD
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

secmodel_bsd44_curtain -> secmodel_suser_curtain (static).

This commit is contained in:
elad 2009-10-03 01:52:14 +00:00
parent cee5cd7dd4
commit 0a0bbb40a7
1 changed files with 9 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
sys/secmodel/suser/secmodel_suser.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: secmodel_suser.c,v 1.20 2009/10/03 01:46:39 elad Exp $ */ /* $NetBSD: secmodel_suser.c,v 1.21 2009/10/03 01:52:14 elad Exp $ */
/*- /*-
* Copyright (c) 2006 Elad Efrat <elad@NetBSD.org> * Copyright (c) 2006 Elad Efrat <elad@NetBSD.org>
* All rights reserved. * All rights reserved.
@ -38,7 +38,7 @@
*/ */
#include <sys/cdefs.h> #include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: secmodel_suser.c,v 1.20 2009/10/03 01:46:39 elad Exp $"); __KERNEL_RCSID(0, "$NetBSD: secmodel_suser.c,v 1.21 2009/10/03 01:52:14 elad Exp $");
#include <sys/types.h> #include <sys/types.h>
#include <sys/param.h> #include <sys/param.h>
@ -59,7 +59,7 @@ __KERNEL_RCSID(0, "$NetBSD: secmodel_suser.c,v 1.20 2009/10/03 01:46:39 elad Exp
MODULE(MODULE_CLASS_SECMODEL, suser, NULL); MODULE(MODULE_CLASS_SECMODEL, suser, NULL);
static int secmodel_bsd44_curtain; static int secmodel_suser_curtain;
/* static */ int dovfsusermount; /* static */ int dovfsusermount;
static kauth_listener_t l_generic, l_system, l_process, l_network, l_machdep, static kauth_listener_t l_generic, l_system, l_process, l_network, l_machdep,
@ -101,7 +101,7 @@ sysctl_security_suser_setup(struct sysctllog **clog)
CTLTYPE_INT, "curtain", CTLTYPE_INT, "curtain",
SYSCTL_DESCR("Curtain information about objects to "\ SYSCTL_DESCR("Curtain information about objects to "\
"users not owning them."), "users not owning them."),
NULL, 0, &secmodel_bsd44_curtain, 0, NULL, 0, &secmodel_suser_curtain, 0,
CTL_CREATE, CTL_EOL); CTL_CREATE, CTL_EOL);
sysctl_createv(clog, 0, &rnode, NULL, sysctl_createv(clog, 0, &rnode, NULL,
@ -124,7 +124,7 @@ sysctl_security_suser_setup(struct sysctllog **clog)
CTLTYPE_INT, "curtain", CTLTYPE_INT, "curtain",
SYSCTL_DESCR("Curtain information about objects to "\ SYSCTL_DESCR("Curtain information about objects to "\
"users not owning them."), "users not owning them."),
NULL, 0, &secmodel_bsd44_curtain, 0, NULL, 0, &secmodel_suser_curtain, 0,
CTL_CREATE, CTL_EOL); CTL_CREATE, CTL_EOL);
/* Compatibility: vfs.generic.usermount */ /* Compatibility: vfs.generic.usermount */
@ -153,7 +153,7 @@ sysctl_security_suser_setup(struct sysctllog **clog)
void void
secmodel_suser_init(void) secmodel_suser_init(void)
{ {
secmodel_bsd44_curtain = 0; secmodel_suser_curtain = 0;
dovfsusermount = 0; dovfsusermount = 0;
} }
@ -241,7 +241,7 @@ secmodel_suser_generic_cb(kauth_cred_t cred, kauth_action_t action,
break; break;
case KAUTH_GENERIC_CANSEE: case KAUTH_GENERIC_CANSEE:
if (!secmodel_bsd44_curtain) if (!secmodel_suser_curtain)
result = KAUTH_RESULT_ALLOW; result = KAUTH_RESULT_ALLOW;
else if (isroot || kauth_cred_uidmatch(cred, arg0)) else if (isroot || kauth_cred_uidmatch(cred, arg0))
result = KAUTH_RESULT_ALLOW; result = KAUTH_RESULT_ALLOW;
@ -525,7 +525,7 @@ secmodel_suser_process_cb(kauth_cred_t cred, kauth_action_t action,
case KAUTH_REQ_PROCESS_CANSEE_ARGS: case KAUTH_REQ_PROCESS_CANSEE_ARGS:
case KAUTH_REQ_PROCESS_CANSEE_ENTRY: case KAUTH_REQ_PROCESS_CANSEE_ENTRY:
case KAUTH_REQ_PROCESS_CANSEE_OPENFILES: case KAUTH_REQ_PROCESS_CANSEE_OPENFILES:
if (!secmodel_bsd44_curtain) if (!secmodel_suser_curtain)
result = KAUTH_RESULT_ALLOW; result = KAUTH_RESULT_ALLOW;
else if (isroot || kauth_cred_uidmatch(cred, p->p_cred)) else if (isroot || kauth_cred_uidmatch(cred, p->p_cred))
result = KAUTH_RESULT_ALLOW; result = KAUTH_RESULT_ALLOW;
@ -816,7 +816,7 @@ secmodel_suser_network_cb(kauth_cred_t cred, kauth_action_t action,
break; break;
} }
if (secmodel_bsd44_curtain) { if (secmodel_suser_curtain) {
struct socket *so; struct socket *so;
uid_t so_uid; uid_t so_uid;