[email protected]
[Top] [All Lists]

PERFORCE change 114558 for review

Subject: PERFORCE change 114558 for review
From: Robert Watson
Date: Thu, 15 Feb 2007 14:35:22 GMT
http://perforce.freebsd.org/chv.cgi?CH=114558

Change 114558 by [email protected]_cinnamon on 2007/02/15 14:34:57

        Make privilege check for differing uids setting process flags via
        procfs the same as using other debugging mechanisms: allow in jail.

Affected files ...

.. //depot/projects/trustedbsd/priv/sys/fs/procfs/procfs_ioctl.c#7 edit

Differences ...

==== //depot/projects/trustedbsd/priv/sys/fs/procfs/procfs_ioctl.c#7 (text+ko) 
====

@@ -110,11 +110,9 @@
                         * XXXRW: Is this specific check required here, as
                         * p_candebug() should implement it, or other checks
                         * are missing.
-                        *
-                        * XXXRW: Other debugging privileges are granted in
-                        * jail, why isn't this?
                         */
-                       error = priv_check(td, PRIV_DEBUG_SUGID);
+                       error = priv_check_cred(td->td_ucred,
+                           PRIV_DEBUG_SUGID, SUSER_ALLOWJAIL);
                        if (error)
                                break;
                }
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/p4-projects
To unsubscribe, send any mail to "[email protected]"

<Prev in Thread] Current Thread [Next in Thread>
  • PERFORCE change 114558 for review, Robert Watson <=