diff options
author | rwatson <rwatson@FreeBSD.org> | 2002-08-12 16:45:19 +0000 |
---|---|---|
committer | rwatson <rwatson@FreeBSD.org> | 2002-08-12 16:45:19 +0000 |
commit | 7a27007bbba75b4d691e1af110c195a64af712a2 (patch) | |
tree | 647f0cbfa6fe9e11f7b200b3b68e8d091ec9c606 /sys/kern/tty_tty.c | |
parent | b0388fc24a420479ae7a20ff88596aa5b5c56c47 (diff) | |
download | FreeBSD-src-7a27007bbba75b4d691e1af110c195a64af712a2.zip FreeBSD-src-7a27007bbba75b4d691e1af110c195a64af712a2.tar.gz |
Enforce MAC policy in cttyread() as well as the other operations
already instrumented.
Obtained from: TrustedBSD Project
Sponsored by: DARPA, NAI Labs
Diffstat (limited to 'sys/kern/tty_tty.c')
-rw-r--r-- | sys/kern/tty_tty.c | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/sys/kern/tty_tty.c b/sys/kern/tty_tty.c index 91503fc..f70f585 100644 --- a/sys/kern/tty_tty.c +++ b/sys/kern/tty_tty.c @@ -129,7 +129,12 @@ cttyread(dev, uio, flag) if (ttyvp == NULL) return (EIO); vn_lock(ttyvp, LK_EXCLUSIVE | LK_RETRY, td); - error = VOP_READ(ttyvp, uio, flag, NOCRED); +#ifdef MAC + /* XXX: Shouldn't the cred below be td->td_ucred not NOCRED? */ + error = mac_check_vnode_op(td->td_ucred, ttyvp, MAC_OP_VNODE_READ); + if (error == 0) +#endif + error = VOP_READ(ttyvp, uio, flag, NOCRED); VOP_UNLOCK(ttyvp, 0, td); return (error); } |