diff options
author | truckman <truckman@FreeBSD.org> | 1998-12-13 07:19:13 +0000 |
---|---|---|
committer | truckman <truckman@FreeBSD.org> | 1998-12-13 07:19:13 +0000 |
commit | cd7e13cf0f39e9002df65770f2107d5f21aab3c3 (patch) | |
tree | a1d6fab6a85fec3502733d4d1f8906096ed70b81 /sys/kern | |
parent | fd960d48d63b5e2979147222e9d0f0f85e81f630 (diff) | |
download | FreeBSD-src-cd7e13cf0f39e9002df65770f2107d5f21aab3c3.zip FreeBSD-src-cd7e13cf0f39e9002df65770f2107d5f21aab3c3.tar.gz |
Add a generic flag, CTLFLAG_SECURE, which can be used to mark a sysctl
variable unwriteable when securelevel > 0.
Reviewed by: jdp, eivind
Diffstat (limited to 'sys/kern')
-rw-r--r-- | sys/kern/kern_sysctl.c | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/sys/kern/kern_sysctl.c b/sys/kern/kern_sysctl.c index 0d5f22e..b43c4ee 100644 --- a/sys/kern/kern_sysctl.c +++ b/sys/kern/kern_sysctl.c @@ -37,7 +37,7 @@ * SUCH DAMAGE. * * @(#)kern_sysctl.c 8.4 (Berkeley) 4/14/94 - * $Id: kern_sysctl.c,v 1.78 1998/10/16 03:55:00 peter Exp $ + * $Id: kern_sysctl.c,v 1.79 1998/12/04 22:54:51 archie Exp $ */ #include "opt_compat.h" @@ -804,7 +804,8 @@ sysctl_root SYSCTL_HANDLER_ARGS return ENOENT; found: /* If writing isn't allowed */ - if (req->newptr && !((*oidpp)->oid_kind & CTLFLAG_WR)) + if (req->newptr && (!((*oidpp)->oid_kind & CTLFLAG_WR) || + (((*oidpp)->oid_kind & CTLFLAG_SECURE) && securelevel > 0))) return (EPERM); /* Most likely only root can write */ |