diff options
| author | rwatson <rwatson@FreeBSD.org> | 2007-06-12 00:12:01 +0000 |
|---|---|---|
| committer | rwatson <rwatson@FreeBSD.org> | 2007-06-12 00:12:01 +0000 |
| commit | 00b02345d424dac8a490ff28ff75fd9386196583 (patch) | |
| tree | c439df85bebf079d07319c231d64ac481577b036 /sys/sys/priv.h | |
| parent | e93b04c2868ee901613297bfbd90ff9990d8300e (diff) | |
| download | FreeBSD-src-00b02345d424dac8a490ff28ff75fd9386196583.zip FreeBSD-src-00b02345d424dac8a490ff28ff75fd9386196583.tar.gz | |
Eliminate now-unused SUSER_ALLOWJAIL arguments to priv_check_cred(); in
some cases, move to priv_check() if it was an operation on a thread and
no other flags were present.
Eliminate caller-side jail exception checking (also now-unused); jail
privilege exception code now goes solely in kern_jail.c.
We can't yet eliminate suser() due to some cases in the KAME code where
a privilege check is performed and then used in many different deferred
paths. Do, however, move those prototypes to priv.h.
Reviewed by: csjp
Obtained from: TrustedBSD Project
Diffstat (limited to 'sys/sys/priv.h')
| -rw-r--r-- | sys/sys/priv.h | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/sys/sys/priv.h b/sys/sys/priv.h index 2b215c8..e79cc40 100644 --- a/sys/sys/priv.h +++ b/sys/sys/priv.h @@ -466,6 +466,18 @@ struct thread; struct ucred; int priv_check(struct thread *td, int priv); int priv_check_cred(struct ucred *cred, int priv, int flags); + +/* + * Continue to support external modules that rely on suser(9) -- for now. + */ +int suser(struct thread *td); +int suser_cred(struct ucred *cred, int flags); + +/* + * For historical reasons, flags to priv_check_cred() retain the SUSER_ + * prefix. + */ +#define SUSER_RUID 2 #endif #endif /* !_SYS_PRIV_H_ */ |
