diff options
author | jkoshy <jkoshy@FreeBSD.org> | 2003-12-11 13:29:05 +0000 |
---|---|---|
committer | jkoshy <jkoshy@FreeBSD.org> | 2003-12-11 13:29:05 +0000 |
commit | 41da867ce480f2b2e80b727ea340a342fed177a8 (patch) | |
tree | 51ce2613e0aa5e480ec820e2fade4465e68a3f8c /share/man/man9/cr_seeothergids.9 | |
parent | a6756e52708651553010cbba7290fcf67c4ec464 (diff) | |
download | FreeBSD-src-41da867ce480f2b2e80b727ea340a342fed177a8.zip FreeBSD-src-41da867ce480f2b2e80b727ea340a342fed177a8.tar.gz |
Document a few kernel functions and the sysctl tunables that
affect their behaviour.
Diffstat (limited to 'share/man/man9/cr_seeothergids.9')
-rw-r--r-- | share/man/man9/cr_seeothergids.9 | 81 |
1 files changed, 81 insertions, 0 deletions
diff --git a/share/man/man9/cr_seeothergids.9 b/share/man/man9/cr_seeothergids.9 new file mode 100644 index 0000000..e944892 --- /dev/null +++ b/share/man/man9/cr_seeothergids.9 @@ -0,0 +1,81 @@ +.\" +.\" Copyright (c) 2003 Joseph Koshy <jkoshy@freebsd.org> +.\" +.\" All rights reserved. +.\" +.\" This program is free software. +.\" +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. +.\" +.\" THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS'' AND ANY EXPRESS OR +.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES +.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. +.\" IN NO EVENT SHALL THE DEVELOPERS BE LIABLE FOR ANY DIRECT, INDIRECT, +.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT +.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF +.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +.\" +.\" $FreeBSD$ +.Dd November 11, 2003 +.Os +.Dt cr_seeothergids 9 +.Sh NAME +.Nm cr_seeothergids +.Nd determine visibility of objects given their group memberships +.Sh SYNOPSIS +.Ft int +.Fn cr_seeothergids "struct ucred *u1" "struct ucred *u2" +.Sh DESCRIPTION +This function determines the visibility of objects in the +kernel based on the group ids in the credentials +.Fa u1 +and +.Fa u2 +associated with them. +.Pp +The visibility of objects is influenced by the +.Xr sysctl 8 +tunable +.Va security.bsd.see_other_gids . +If this tunable is non-zero, then all objects in the kernel +are visible to each othe irrespective of their group membership. +If this tunable is zero, then the object with credentials +.Fa u2 +is visible to the object with credentials +.Fa u1 +if either +.Fa u1 +is the super-user credential, or if at least one of +.Fa u1 Ns 's +group ids is present in +.Fa u2 Ns 's +group set. +.Sh SYSCTL TUNABLES +.Bl -tag -width indent +.It Va security.bsd.see_other_gids +must be non-zero if objects with unprivileged credentials are to be +able to see each other. +.El +.Sh RETURN VALUES +Ths function returns zero if the object with credential +.Fa u1 +can +.Dq see +the object with credential +.Fa u2 , +or +.Er ESRCH +otherwise. +.Sh SEE ALSO +.Xr cr_seeotheruids 9 , +.Xr p_candebug 9
\ No newline at end of file |