diff options
author | dillon <dillon@FreeBSD.org> | 2003-01-14 19:35:33 +0000 |
---|---|---|
committer | dillon <dillon@FreeBSD.org> | 2003-01-14 19:35:33 +0000 |
commit | dab80127c869f0186bdcd377800f26d02493275c (patch) | |
tree | b91be0792326f5fadb2ec44cf34f67e8496fa337 /sys/kern/kern_sysctl.c | |
parent | 0a61e145e988f4a47d8edac3564be348eade25b1 (diff) | |
download | FreeBSD-src-dab80127c869f0186bdcd377800f26d02493275c.zip FreeBSD-src-dab80127c869f0186bdcd377800f26d02493275c.tar.gz |
Introduce the ability to flag a sysctl for operation at secure level 2 or 3
in addition to secure level 1. The mask supports up to a secure level of 8
but only add defines through CTLFLAG_SECURE3 for now.
As per the missif in the log entry for 1.11 of ip_fw2.c which added the
secure flag to the IPFW sysctl's in the first place, change the secure
level requirement from 1 to 3 now that we have support for it.
Reviewed by: imp
With Design Suggestions by: imp
Diffstat (limited to 'sys/kern/kern_sysctl.c')
-rw-r--r-- | sys/kern/kern_sysctl.c | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/sys/kern/kern_sysctl.c b/sys/kern/kern_sysctl.c index 74cec52..08d1f80 100644 --- a/sys/kern/kern_sysctl.c +++ b/sys/kern/kern_sysctl.c @@ -1098,7 +1098,7 @@ static int sysctl_root(SYSCTL_HANDLER_ARGS) { struct sysctl_oid *oid; - int error, indx; + int error, indx, lvl; error = sysctl_find_oid(arg1, arg2, &oid, &indx, req); if (error) @@ -1122,7 +1122,8 @@ sysctl_root(SYSCTL_HANDLER_ARGS) /* Is this sysctl sensitive to securelevels? */ if (req->newptr && (oid->oid_kind & CTLFLAG_SECURE)) { - error = securelevel_gt(req->td->td_ucred, 0); + lvl = (oid->oid_kind & CTLMASK_SECURE) >> CTLSHIFT_SECURE; + error = securelevel_gt(req->td->td_ucred, lvl); if (error) return (error); } |