author | rwatson <rwatson@FreeBSD.org> | 2001-04-13 14:33:45 +0000 |
---|---|---|
committer | rwatson <rwatson@FreeBSD.org> | 2001-04-13 14:33:45 +0000 |
commit | 2603acd499a69b5d2667953727a1a88dda86d675 (patch) | |
tree | d0eb5eb27edee565d3a25150a2a9ae2161280950 /sys/kern | |
parent | 592766811bc0a1b2062232e01733cb8e9e26d8be (diff) | |
o Since uid checks in p_cansignal() are now identical between P_SUGID
and non-P_SUGID cases, simplify p_cansignal() logic so that the
P_SUGID masking of possible signals is independent from uid checks,
removing redundant code and generally improving readability.
Reviewed by: tmm
Obtained from: TrustedBSD Project
Diffstat (limited to 'sys/kern')
-rw-r--r-- | sys/kern/kern_prot.c | 42 |
1 files changed, 14 insertions, 28 deletions
diff --git a/sys/kern/kern_prot.c b/sys/kern/kern_prot.c
index c86e875..c5c6726 100644
--- a/sys/kern/kern_prot.c
+++ b/sys/kern/kern_prot.c
@@ -1077,20 +1077,6 @@ p_cansignal(struct proc *p1, struct proc *p2, int signum)
 case SIGHUP:
 case SIGUSR1:
 case SIGUSR2:
- /*
- * Restricted rules allow a broadish scope of uid
- * uid overlap.
- * XXX: Maybe too broad.
- */
- if (p1->p_cred->p_ruid != p2->p_cred->p_ruid &&
- p1->p_ucred->cr_uid != p2->p_cred->p_ruid &&
- p1->p_cred->p_ruid != p2->p_cred->p_svuid &&
- p1->p_ucred->cr_uid != p2->p_cred->p_svuid) {
- /* Not permitted, try privilege. */
- error = suser_xxx(NULL, p1, PRISON_ROOT);
- if (error)
- return (error);
- }
 break;
 default:
 /* Not permitted, try privilege. */
@@ -1098,20 +1084,20 @@ p_cansignal(struct proc *p1, struct proc *p2, int signum)
 if (error)
 return (error);
 }
- } else {
- /*
- * Normal rules allow a broad scope of uid overlap.
- * XXX: Maybe too broad.
- */
- if (p1->p_cred->p_ruid != p2->p_cred->p_ruid &&
- p1->p_cred->p_ruid != p2->p_cred->p_svuid &&
- p1->p_ucred->cr_uid != p2->p_cred->p_ruid &&
- p1->p_ucred->cr_uid != p2->p_cred->p_svuid) {
- /* Not permitted, try privilege. */
- error = suser_xxx(NULL, p1, PRISON_ROOT);
- if (error)
- return (error);
- }
+ }
+
+ /*
+ * Generally, the object credential's ruid or svuid must match the
+ * subject credential's ruid or euid.
+ */
+ if (p1->p_cred->p_ruid != p2->p_cred->p_ruid &&
+ p1->p_cred->p_ruid != p2->p_cred->p_svuid &&
+ p1->p_ucred->cr_uid != p2->p_cred->p_ruid &&
+ p1->p_ucred->cr_uid != p2->p_cred->p_svuid) {
+ /* Not permitted, try privilege. */
+ error = suser_xxx(NULL, p1, PRISON_ROOT);
+ if (error)
+ return (error);
 }

 return (0);
|
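Review bot: The new comment above the unified uid test in the second hunk drops the `XXX: Maybe too broad` marker that both removed copies carried, although the four comparisons themselves are unchanged, so the open question about how wide the ruid/euid-to-ruid/svuid match is disappears from the source without being resolved. I would keep it by adding `* XXX: Maybe too broad.` as the last line of the new comment. The comment could also state that this test now runs after the P_SUGID signal mask for every signal, which means a sender that already passed the privilege check in the `default:` case presumably reaches a second `suser_xxx(NULL, p1, PRISON_ROOT)` call here when the uids differ; that looks redundant rather than wrong, but it deserves a sentence. p_cansignal() starts and ends outside the hunk, so the P_SUGID condition and the first privilege call are not visible here.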