diff options
author | dhartmei <dhartmei@FreeBSD.org> | 2005-01-19 21:37:00 +0000 |
---|---|---|
committer | dhartmei <dhartmei@FreeBSD.org> | 2005-01-19 21:37:00 +0000 |
commit | 82659e82466a12edc4116e99d218cc0de1f2cc1c (patch) | |
tree | 9129a9913ad7cea6a11eb8a39d49143b2db8988e /sys/contrib | |
parent | 933b3f52b0d97f93842f00e485fd26f696ebd210 (diff) | |
download | FreeBSD-src-82659e82466a12edc4116e99d218cc0de1f2cc1c.zip FreeBSD-src-82659e82466a12edc4116e99d218cc0de1f2cc1c.tar.gz |
Prohibit ruleset changes at securelevel > 2, not > 1. It's documented
like this in init(8), but the code didn't match the documentation.
Submitted by: Juraj Lutter <otis at sk dot FreeBSD dot org>
Agrees: mlaier
Diffstat (limited to 'sys/contrib')
-rw-r--r-- | sys/contrib/pf/net/pf_ioctl.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/sys/contrib/pf/net/pf_ioctl.c b/sys/contrib/pf/net/pf_ioctl.c index 4767dee..1794f0f 100644 --- a/sys/contrib/pf/net/pf_ioctl.c +++ b/sys/contrib/pf/net/pf_ioctl.c @@ -1058,7 +1058,7 @@ pfioctl(struct cdev *dev, u_long cmd, caddr_t addr, int flags, struct proc *p) /* XXX keep in sync with switch() below */ #ifdef __FreeBSD__ - if (securelevel_gt(td->td_ucred, 1)) + if (securelevel_gt(td->td_ucred, 2)) #else if (securelevel > 1) #endif |