diff options
author | pjd <pjd@FreeBSD.org> | 2006-06-27 11:41:21 +0000 |
---|---|---|
committer | pjd <pjd@FreeBSD.org> | 2006-06-27 11:41:21 +0000 |
commit | 963e56be5a2a42c4cb2ac83488114de553114242 (patch) | |
tree | 13b749e80307ac2487040e41c4ea972f3e95ea46 | |
parent | f5154298f6a5b7ca949454225b64e4deed1375ab (diff) | |
download | FreeBSD-src-963e56be5a2a42c4cb2ac83488114de553114242.zip FreeBSD-src-963e56be5a2a42c4cb2ac83488114de553114242.tar.gz |
- Use suser_cred(9) instead of directly comparing cr_uid.
- Compare pointer with NULL.
Reviewed by: rwatson
-rw-r--r-- | sys/netipsec/ipsec_osdep.h | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/sys/netipsec/ipsec_osdep.h b/sys/netipsec/ipsec_osdep.h index b4f0dff..34df84d 100644 --- a/sys/netipsec/ipsec_osdep.h +++ b/sys/netipsec/ipsec_osdep.h @@ -211,14 +211,15 @@ if_handoff(struct ifqueue *ifq, struct mbuf *m, struct ifnet *ifp, int adjust) /* * 8. Test for "privileged" socket opened by superuser. - * FreeBSD tests ((so)->so_cred && (so)->so_cred.cr_uid == 0), + * FreeBSD tests ((so)->so_cred != NULL && suser_cred((so)->so_cred, SUSER_ALLOWJAIL == 0)) * NetBSD (1.6N) tests (so)->so_uid == 0). * This difference is wrapped inside the IPSEC_PRIVILEGED_SO() macro. * */ #ifdef __FreeBSD__ #define IPSEC_IS_PRIVILEGED_SO(_so) \ - ((_so)->so_cred && (_so)->so_cred->cr_uid == 0) + ((_so)->so_cred != NULL && \ + suser_cred((_so)->so_cred, SUSER_ALLOWJAIL) == 0) #endif /* __FreeBSD__ */ #ifdef __NetBSD__ |