summaryrefslogtreecommitdiffstats
path: root/share/man
diff options
context:
space:
mode:
authorrwatson <rwatson@FreeBSD.org>2007-06-26 23:12:05 +0000
committerrwatson <rwatson@FreeBSD.org>2007-06-26 23:12:05 +0000
commitc075d60f4cf16481bb5e6e1aeb8504bf3ffd581a (patch)
tree28324a1bd0018a00fb40fe0e9b73fe48e8b86fab /share/man
parentaad9c5402c9c42be1bb76208261cbf02a2637ed1 (diff)
downloadFreeBSD-src-c075d60f4cf16481bb5e6e1aeb8504bf3ffd581a.zip
FreeBSD-src-c075d60f4cf16481bb5e6e1aeb8504bf3ffd581a.tar.gz
Update suser(9) and priv(9) to document that the 'flags' argument is now
unused -- SUSER_RUID and SUSER_ALLOWJAIL are no longer defined or used. Approved by: re (bmah)
Diffstat (limited to 'share/man')
-rw-r--r--share/man/man9/priv.96
-rw-r--r--share/man/man9/suser.940
2 files changed, 13 insertions, 33 deletions
diff --git a/share/man/man9/priv.9 b/share/man/man9/priv.9
index bf86bfe..2756da9 100644
--- a/share/man/man9/priv.9
+++ b/share/man/man9/priv.9
@@ -57,9 +57,9 @@ policy or access control list.
The caller identifies the desired privilege via the
.Fa priv
argument.
-Additional access control context may also be passed using the
-.Fa flags
-argument.
+The optional flags argument,
+.Fa flags ,
+is currently unused.
.Ss Privilege Policies
Privileges are typically granted based on one of two base system policies:
the superuser policy, which grants privilege based on the effective (or
diff --git a/share/man/man9/suser.9 b/share/man/man9/suser.9
index 9710319..0b97d03 100644
--- a/share/man/man9/suser.9
+++ b/share/man/man9/suser.9
@@ -68,37 +68,17 @@ not the thread's own, when there is no thread, when superuser
powers should be extended to imprisoned roots, or when the credential
to be checked is the real user rather than the effective user.
.Pp
-By default, a process does not command superuser powers if it has
-been imprisoned by the
-.Xr jail 2
-system call.
-There are cases however where this is appropriate, and this can
-be done by passing
-.Dv SUSER_ALLOWJAIL
-in the
-.Fa flag
-argument to the
-.Fn suser_cred
-function.
-It is important to review carefully in each case that
-this does not weaken the prison.
-Generally, only where the action is protected by
-.Xr chroot 2
-implicit in the
-.Xr jail 2
-call should such powers be granted.
+Whether or not a privilege is permitted in a
+.Xr jail 8
+depends on logic in
+.Fn prison_priv_check .
.Pp
-By default, the credential checked is the effective user.
-There are cases
-where it is instead necessary to check the real user (for example, when
-determining if resource limits should be applied), and this can be done
-by passing the
-.Dv SUSER_RUID
-flag in the
-.Fa flag
-argument to the
-.Fn suser_cred
-function.
+In general, privileges are assigned based on the effective user ID; in some
+cases, the real user ID may be used.
+.Pp
+The
+.Fa flags
+field is currently unused.
.Pp
The
.Fn suser
OpenPOWER on IntegriCloud