Aren
/
NetBSD
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Kill another instance of KAUTH_GENERIC_ISSUSER.

This commit is contained in:
elad 2007-11-23 16:03:47 +00:00
parent d08cb6cf65
commit 18558073a1
5 changed files with 18 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
share/examples/secmodel/secmodel_example.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: secmodel_example.c,v 1.14 2007/01/20 16:47:38 elad Exp $ */
/* $NetBSD: secmodel_example.c,v 1.15 2007/11/23 16:03:47 elad Exp $ */
/*
* This file is placed in the public domain.
@ -13,7 +13,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: secmodel_example.c,v 1.14 2007/01/20 16:47:38 elad Exp $");
__KERNEL_RCSID(0, "$NetBSD: secmodel_example.c,v 1.15 2007/11/23 16:03:47 elad Exp $");
#include <sys/types.h>
#include <sys/param.h>
@ -157,6 +157,7 @@ secmodel_example_system_cb(kauth_cred_t cred, kauth_action_t action,
case KAUTH_REQ_SYSTEM_TIME_NTPADJTIME:
case KAUTH_REQ_SYSTEM_TIME_RTCOFFSET:
case KAUTH_REQ_SYSTEM_TIME_SYSTEM:
case KAUTH_REQ_SYSTEM_TIME_TIMECOUNTERS:
default:
result = KAUTH_RESULT_DEFER;
break;

6
share/man/man9/kauth.9
View File

@ -1,4 +1,4 @@
.\" $NetBSD: kauth.9,v 1.53 2007/09/23 16:03:41 yamt Exp $
.\" $NetBSD: kauth.9,v 1.54 2007/11/23 16:03:48 elad Exp $
.\"
.\" Copyright (c) 2005, 2006 Elad Efrat <elad@NetBSD.org>
.\" All rights reserved.
@ -25,7 +25,7 @@
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.Dd September 24, 2007
.Dd November 22, 2007
.Dt KAUTH 9
.Os
.Sh NAME
@ -307,6 +307,8 @@ Check if changing the time (usually via
is allowed.
.It Dv KAUTH_REQ_SYSTEM_TIME_RTCOFFSET
Check if changing the RTC offset is allowed.
.It Dv KAUTH_REQ_SYSTEM_TIME_TIMECOUNTERS
Check if manipulating timecounters is allowed.
.El
.El
.Ss Process Scope

9
sys/kern/kern_tc.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: kern_tc.c,v 1.25 2007/11/16 01:21:24 ad Exp $ */
/* $NetBSD: kern_tc.c,v 1.26 2007/11/23 16:03:48 elad Exp $ */
/*-
* ----------------------------------------------------------------------------
@ -11,7 +11,7 @@
#include <sys/cdefs.h>
/* __FBSDID("$FreeBSD: src/sys/kern/kern_tc.c,v 1.166 2005/09/19 22:16:31 andre Exp $"); */
__KERNEL_RCSID(0, "$NetBSD: kern_tc.c,v 1.25 2007/11/16 01:21:24 ad Exp $");
__KERNEL_RCSID(0, "$NetBSD: kern_tc.c,v 1.26 2007/11/23 16:03:48 elad Exp $");
#include "opt_ntp.h"
@ -131,8 +131,9 @@ sysctl_kern_timecounter_hardware(SYSCTLFN_ARGS)
strncmp(newname, tc->tc_name, sizeof(newname)) == 0)
return error;
if (l != NULL && (error = kauth_authorize_generic(l->l_cred,
KAUTH_GENERIC_ISSUSER, NULL)) != 0)
if (l != NULL && (error = kauth_authorize_system(l->l_cred,
KAUTH_SYSTEM_TIME, KAUTH_REQ_SYSTEM_TIME_TIMECOUNTERS, newname,
NULL, NULL)) != 0)
return (error);
if (!cold)

5
sys/secmodel/bsd44/secmodel_bsd44_suser.c
View File

@ -1,4 +1,4 @@
/* $NetBSD: secmodel_bsd44_suser.c,v 1.37 2007/02/21 23:00:09 thorpej Exp $ */
/* $NetBSD: secmodel_bsd44_suser.c,v 1.38 2007/11/23 16:03:48 elad Exp $ */
/*-
* Copyright (c) 2006 Elad Efrat <elad@NetBSD.org>
* All rights reserved.
@ -38,7 +38,7 @@
*/
#include <sys/cdefs.h>
__KERNEL_RCSID(0, "$NetBSD: secmodel_bsd44_suser.c,v 1.37 2007/02/21 23:00:09 thorpej Exp $");
__KERNEL_RCSID(0, "$NetBSD: secmodel_bsd44_suser.c,v 1.38 2007/11/23 16:03:48 elad Exp $");
#include <sys/types.h>
#include <sys/param.h>
@ -239,6 +239,7 @@ secmodel_bsd44_suser_system_cb(kauth_cred_t cred, kauth_action_t action,
case KAUTH_REQ_SYSTEM_TIME_ADJTIME:
case KAUTH_REQ_SYSTEM_TIME_NTPADJTIME:
case KAUTH_REQ_SYSTEM_TIME_SYSTEM:
case KAUTH_REQ_SYSTEM_TIME_TIMECOUNTERS:
if (isroot)
result = KAUTH_RESULT_ALLOW;
break;

5
sys/sys/kauth.h
View File

@ -1,4 +1,4 @@
/* $NetBSD: kauth.h,v 1.40 2007/09/23 16:00:08 yamt Exp $ */
/* $NetBSD: kauth.h,v 1.41 2007/11/23 16:03:49 elad Exp $ */
/*-
* Copyright (c) 2005, 2006 Elad Efrat <elad@NetBSD.org>
@ -114,7 +114,8 @@ enum kauth_system_req {
KAUTH_REQ_SYSTEM_TIME_BACKWARDS,
KAUTH_REQ_SYSTEM_TIME_NTPADJTIME,
KAUTH_REQ_SYSTEM_TIME_RTCOFFSET,
KAUTH_REQ_SYSTEM_TIME_SYSTEM
KAUTH_REQ_SYSTEM_TIME_SYSTEM,
KAUTH_REQ_SYSTEM_TIME_TIMECOUNTERS
};
/*