diff options
| author | rwatson <rwatson@FreeBSD.org> | 2006-10-10 17:04:19 +0000 |
|---|---|---|
| committer | rwatson <rwatson@FreeBSD.org> | 2006-10-10 17:04:19 +0000 |
| commit | 10cc7e208a24cfc260f19c0aeb07183554b81ec2 (patch) | |
| tree | 545f71cd5d223e3303fa2a0300faad617f394b90 | |
| parent | fde20b9adccd0af04ae987e489b4c562ce554edf (diff) | |
| download | FreeBSD-src-10cc7e208a24cfc260f19c0aeb07183554b81ec2.zip FreeBSD-src-10cc7e208a24cfc260f19c0aeb07183554b81ec2.tar.gz | |
Do allow jailed superuser to override the port ACL.
MFC after: 3 days
Submitted by: Michal Mertl <mime at traveller dot cz>
| -rw-r--r-- | sys/security/mac_portacl/mac_portacl.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/sys/security/mac_portacl/mac_portacl.c b/sys/security/mac_portacl/mac_portacl.c index 589ba67..80cd053 100644 --- a/sys/security/mac_portacl/mac_portacl.c +++ b/sys/security/mac_portacl/mac_portacl.c @@ -427,7 +427,7 @@ rules_check(struct ucred *cred, int family, int type, u_int16_t port) mtx_unlock(&rule_mtx); if (error != 0 && mac_portacl_suser_exempt != 0) - error = suser_cred(cred, 0); + error = suser_cred(cred, SUSER_ALLOWJAIL); return (error); } |
