diff options
author | rwatson <rwatson@FreeBSD.org> | 2000-06-05 18:30:55 +0000 |
---|---|---|
committer | rwatson <rwatson@FreeBSD.org> | 2000-06-05 18:30:55 +0000 |
commit | 0b4c36a2ec9f11865986e9fa772847539fa0d5a3 (patch) | |
tree | 0c668bc7694b3c2865cf3a27789d7144bb295413 /sys/kern/kern_prot.c | |
parent | c2edee8c58862fb74d9655a3a5807c1466e0abc6 (diff) | |
download | FreeBSD-src-0b4c36a2ec9f11865986e9fa772847539fa0d5a3.zip FreeBSD-src-0b4c36a2ec9f11865986e9fa772847539fa0d5a3.tar.gz |
o bde suggested moving the SYSCTL from kern_mib to the more appropriate
kern_prot, which cleans up some namespace issues
o Don't need a special handler to limit un-setting, as suser is used to
protect suser_permitted, making it one-way by definition.
Suggested by: bde
Diffstat (limited to 'sys/kern/kern_prot.c')
-rw-r--r-- | sys/kern/kern_prot.c | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/sys/kern/kern_prot.c b/sys/kern/kern_prot.c index 9194e55..e001e2e 100644 --- a/sys/kern/kern_prot.c +++ b/sys/kern/kern_prot.c @@ -53,6 +53,7 @@ #include <sys/proc.h> #include <sys/malloc.h> #include <sys/pioctl.h> +#include <sys/sysctl.h> static MALLOC_DEFINE(M_CRED, "cred", "credentials"); @@ -931,6 +932,11 @@ groupmember(gid, cred) return (0); } +static int suser_permitted = 1; + +SYSCTL_INT(_kern, OID_AUTO, suser_permitted, CTLFLAG_RW, &suser_permitted, 0, + "processes with uid 0 have privilege"); + /* * Test whether the specified credentials imply "super-user" * privilege; if so, and we have accounting info, set the flag |