diff options
author | rwatson <rwatson@FreeBSD.org> | 2007-02-19 13:25:17 +0000 |
---|---|---|
committer | rwatson <rwatson@FreeBSD.org> | 2007-02-19 13:25:17 +0000 |
commit | 07f6768e54053b9220f8ce9a39ce7f5975c0a8aa (patch) | |
tree | fa46c73d696205c432fe3cc3250efdb0806d4bce | |
parent | 41001412d81327ac987322ed6489a004ba6ec595 (diff) | |
download | FreeBSD-src-07f6768e54053b9220f8ce9a39ce7f5975c0a8aa.zip FreeBSD-src-07f6768e54053b9220f8ce9a39ce7f5975c0a8aa.tar.gz |
Do allow bypass of mac_seeotheruids in jail in order to be consistent
with other uses of PRIV_SEEOTHERUIDS. This will automatically be
scoped to the jail by the jail policy.
-rw-r--r-- | sys/security/mac_seeotheruids/mac_seeotheruids.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/sys/security/mac_seeotheruids/mac_seeotheruids.c b/sys/security/mac_seeotheruids/mac_seeotheruids.c index 62ccd61..c20dd8b 100644 --- a/sys/security/mac_seeotheruids/mac_seeotheruids.c +++ b/sys/security/mac_seeotheruids/mac_seeotheruids.c @@ -126,7 +126,8 @@ mac_seeotheruids_check(struct ucred *u1, struct ucred *u2) return (0); if (suser_privileged) { - if (priv_check_cred(u1, PRIV_SEEOTHERUIDS, 0) == 0) + if (priv_check_cred(u1, PRIV_SEEOTHERUIDS, SUSER_ALLOWJAIL) + == 0) return (0); } |