add KAUTH_GENERIC_CANSEE, which is like the KAUTH_PROCESS_CANSEE, only

for two kauth_cred_t rather than kauth_cred_t and struct proc *. advise against using it in the man-page; it should be used only in cases where we either don't have an object-specific op or when we can't easily use one.
2006-07-16 20:10:11 +00:00 · 2006-07-16 20:10:11 +00:00 · d9a7152c3e
commit d9a7152c3e
parent 85fccc00b0
3 changed files with 29 additions and 4 deletions
--- a/share/man/man9/kauth.9
+++ b/share/man/man9/kauth.9
@ -1,4 +1,4 @@
-.\" $NetBSD: kauth.9,v 1.5 2006/07/14 21:58:46 elad Exp $
+.\" $NetBSD: kauth.9,v 1.6 2006/07/16 20:10:11 elad Exp $
 .\"
 .\" Copyright (c) 2005, 2006 Elad Efrat <elad@NetBSD.org>
 .\" All rights reserved.
@ -28,7 +28,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd July 14, 2006
+.Dd July 16, 2006
 .Dt KAUTH 9
 .Os
 .Sh NAME
@ -141,6 +141,17 @@ it's treated as a
 to accounting flags, and the
 .Dv ACU
 flag is set.
+.It Dv KAUTH_GENERIC_CANSEE
+Checks whether an object with one set of credentials can access
+information about another object, possibly with a different set of
+credentials.
+.Pp
+.Ar arg0
+contains the credentials of the object looked at.
+.Pp
+This request should be issued only in cases where generic credentials
+check is required; otherwise it is recommended to use the object-specific
+routines.
 .El
 .Ss Process Scope
 The process scope,
--- a/sys/kern/kern_auth.c
+++ b/sys/kern/kern_auth.c
@ -1,4 +1,4 @@
-/* $NetBSD: kern_auth.c,v 1.9 2006/07/15 05:54:56 yamt Exp $ */
+/* $NetBSD: kern_auth.c,v 1.10 2006/07/16 20:10:11 elad Exp $ */

 /*-
 * Copyright (c) 2005, 2006 Elad Efrat <elad@NetBSD.org>
@ -730,6 +730,19 @@ kauth_authorize_cb_generic(kauth_cred_t cred, kauth_action_t action,
 		} else
 			error = KAUTH_RESULT_DENY;
 		break;
+
+	case KAUTH_GENERIC_CANSEE:
+		if (!security_curtain) {
+			error = KAUTH_RESULT_ALLOW;
+		} else {
+			kauth_cred_t cred2 = arg0;
+
+			if (kauth_cred_uidmatch(cred, cred2))
+				error = KAUTH_RESULT_ALLOW;
+			else
+				error = KAUTH_RESULT_DENY;
+		}
+		break;
 	}

 	return (error);
--- a/sys/sys/kauth.h
+++ b/sys/sys/kauth.h
@ -1,4 +1,4 @@
-/* $NetBSD: kauth.h,v 1.3 2006/05/28 06:49:27 yamt Exp $ */
+/* $NetBSD: kauth.h,v 1.4 2006/07/16 20:10:12 elad Exp $ */

 /*-
 * Copyright (c) 2005, 2006 Elad Efrat <elad@NetBSD.org>  
@ -74,6 +74,7 @@ typedef int (*kauth_scope_callback_t)(kauth_cred_t, kauth_action_t,
 * Generic scope - actions.
 */
 #define	KAUTH_GENERIC_ISSUSER	1	/* check for super-user */
+#define	KAUTH_GENERIC_CANSEE	2	/* check if can see other cred */

 #define NOCRED ((kauth_cred_t)-1)	/* no credential available */
 #define FSCRED ((kauth_cred_t)-2)	/* filesystem credential */