diff options
author | rwatson <rwatson@FreeBSD.org> | 2002-11-03 02:39:42 +0000 |
---|---|---|
committer | rwatson <rwatson@FreeBSD.org> | 2002-11-03 02:39:42 +0000 |
commit | 7537530ad867a2a7e001d6becf47c25f0d0d0b2b (patch) | |
tree | 13c3b22f9d0fec4fd6fd7b545bd326917f19839c /sys/security/mac/mac_syscalls.c | |
parent | c9f86b731d744756f510247ea7f52517bc88c0c1 (diff) | |
download | FreeBSD-src-7537530ad867a2a7e001d6becf47c25f0d0d0b2b.zip FreeBSD-src-7537530ad867a2a7e001d6becf47c25f0d0d0b2b.tar.gz |
Introduce mac_check_system_settime(), a MAC check allowing policies to
augment the system policy for changing the system time.
Obtained from: TrustedBSD Project
Sponsored by: DARPA, Network Associates Laboratories
Diffstat (limited to 'sys/security/mac/mac_syscalls.c')
-rw-r--r-- | sys/security/mac/mac_syscalls.c | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/sys/security/mac/mac_syscalls.c b/sys/security/mac/mac_syscalls.c index f4cfa8a..ff5c43a 100644 --- a/sys/security/mac/mac_syscalls.c +++ b/sys/security/mac/mac_syscalls.c @@ -2492,6 +2492,19 @@ mac_check_system_reboot(struct ucred *cred, int howto) } int +mac_check_system_settime(struct ucred *cred) +{ + int error; + + if (!mac_enforce_system) + return (0); + + MAC_CHECK(check_system_settime, cred); + + return (error); +} + +int mac_check_system_swapon(struct ucred *cred, struct vnode *vp) { int error; |