diff options
author | rwatson <rwatson@FreeBSD.org> | 2007-06-12 00:12:01 +0000 |
---|---|---|
committer | rwatson <rwatson@FreeBSD.org> | 2007-06-12 00:12:01 +0000 |
commit | 00b02345d424dac8a490ff28ff75fd9386196583 (patch) | |
tree | c439df85bebf079d07319c231d64ac481577b036 /sys/kern/kern_sysctl.c | |
parent | e93b04c2868ee901613297bfbd90ff9990d8300e (diff) | |
download | FreeBSD-src-00b02345d424dac8a490ff28ff75fd9386196583.zip FreeBSD-src-00b02345d424dac8a490ff28ff75fd9386196583.tar.gz |
Eliminate now-unused SUSER_ALLOWJAIL arguments to priv_check_cred(); in
some cases, move to priv_check() if it was an operation on a thread and
no other flags were present.
Eliminate caller-side jail exception checking (also now-unused); jail
privilege exception code now goes solely in kern_jail.c.
We can't yet eliminate suser() due to some cases in the KAME code where
a privilege check is performed and then used in many different deferred
paths. Do, however, move those prototypes to priv.h.
Reviewed by: csjp
Obtained from: TrustedBSD Project
Diffstat (limited to 'sys/kern/kern_sysctl.c')
-rw-r--r-- | sys/kern/kern_sysctl.c | 3 |
1 files changed, 1 insertions, 2 deletions
diff --git a/sys/kern/kern_sysctl.c b/sys/kern/kern_sysctl.c index 6100f41..893c54f 100644 --- a/sys/kern/kern_sysctl.c +++ b/sys/kern/kern_sysctl.c @@ -1280,8 +1280,7 @@ sysctl_root(SYSCTL_HANDLER_ARGS) /* Is this sysctl writable by only privileged users? */ if (req->newptr && !(oid->oid_kind & CTLFLAG_ANYBODY)) { if (oid->oid_kind & CTLFLAG_PRISON) - error = priv_check_cred(req->td->td_ucred, - PRIV_SYSCTL_WRITEJAIL, SUSER_ALLOWJAIL); + error = priv_check(req->td, PRIV_SYSCTL_WRITEJAIL); else error = priv_check(req->td, PRIV_SYSCTL_WRITE); if (error) |