diff options
author | rwatson <rwatson@FreeBSD.org> | 2001-09-25 12:02:44 +0000 |
---|---|---|
committer | rwatson <rwatson@FreeBSD.org> | 2001-09-25 12:02:44 +0000 |
commit | 56db2a389f66651dd552255ae3b877e454f98a96 (patch) | |
tree | 7cf9e2db23fe7a46ac5c400c94687e797309a08f /sys/ufs | |
parent | c8a3d8ce02d7b30653752539a956a80365b2c892 (diff) | |
download | FreeBSD-src-56db2a389f66651dd552255ae3b877e454f98a96.zip FreeBSD-src-56db2a389f66651dd552255ae3b877e454f98a96.tar.gz |
o Further clarify comment: ad Udo's request, re-insert the 'if'
refering to securelevels; also, update the unprivileged process text
to better indicate the scope of actions permittable when any system
flags are already set (limited).
Submitted by: Udo Schweigert <udo.schweigert@siemens.com>
Diffstat (limited to 'sys/ufs')
-rw-r--r-- | sys/ufs/ufs/ufs_vnops.c | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/sys/ufs/ufs/ufs_vnops.c b/sys/ufs/ufs/ufs_vnops.c index 1b2fffa..c47d0f6 100644 --- a/sys/ufs/ufs/ufs_vnops.c +++ b/sys/ufs/ufs/ufs_vnops.c @@ -482,9 +482,10 @@ ufs_setattr(ap) return (error); /* * Unprivileged processes and privileged processes in - * jail() are not permitted to set system flags. - * Privileged non-jail processes may not set system flags - * securelevel > 0. + * jail() are not permitted to unset system flags, or + * modify flags if any system flags are set. + * Privileged non-jail processes may not modify system flags + * if securelevel > 0 and any existing system flags are set. */ if (!suser_xxx(cred, NULL, 0)) { if ((ip->i_flags |