Rather than passing SUSER_RUID into priv_check_cred() to specify when

a privilege is checked against the real uid rather than the effective
uid, instead decide which uid to use in priv_check_cred() based on the
privilege passed in.  We use the real uid for PRIV_MAXFILES,
PRIV_MAXPROC, and PRIV_PROC_LIMIT.  Remove the definition of
SUSER_RUID; there are now no flags defined for priv_check_cred().

Obtained from:	TrustedBSD Project

1 files changed, 4 insertions, 10 deletions

diff --git a/sys/sys/priv.h b/sys/sys/priv.h
index e79cc40..b18319c 100644
--- a/sys/sys/priv.h
+++ b/sys/sys/priv.h
@@ -457,10 +457,10 @@
 #ifdef _KERNEL
 /*
  * Privilege check interfaces, modeled after historic suser() interfacs, but
- * with the addition of a specific privilege name.  The existing SUSER_* flag
- * name space is used here.  The jail flag will likely be something that can
- * be removed at some point as jail itself will be able to decide if the priv
- * is appropriate, rather than the caller.
+ * with the addition of a specific privilege name.  No flags are currently
+ * defined for the API.  Historically, flags specified using the real uid
+ * instead of the effective uid, and whether or not the check should be
+ * allowed in jail.
  */
 struct thread;
 struct ucred;
@@ -472,12 +472,6 @@ int	priv_check_cred(struct ucred *cred, int priv, int flags);
  */
 int	suser(struct thread *td);
 int	suser_cred(struct ucred *cred, int flags);
-
-/*
- * For historical reasons, flags to priv_check_cred() retain the SUSER_
- * prefix.
- */
-#define	SUSER_RUID	2
 #endif
 
 #endif /* !_SYS_PRIV_H_ */