summaryrefslogtreecommitdiffstats
path: root/sys
diff options
context:
space:
mode:
authorrwatson <rwatson@FreeBSD.org>2007-02-20 00:06:59 +0000
committerrwatson <rwatson@FreeBSD.org>2007-02-20 00:06:59 +0000
commited1b7861e0d78d144590a79a6209137733c82c29 (patch)
tree500f708c95e16420eaab70b3c5acf711bc15b261 /sys
parent8b1a1cc871ae4440c48b2e27c120c7efc178b25d (diff)
downloadFreeBSD-src-ed1b7861e0d78d144590a79a6209137733c82c29.zip
FreeBSD-src-ed1b7861e0d78d144590a79a6209137733c82c29.tar.gz
Sync up PRIV_IPC_{ADMIN,READ,WRITE} priv checks in ipcperm() with
kern_jail.c: allow jailed root these privileges. This only has an effect if System V IPC is administratively enabled for the jail.
Diffstat (limited to 'sys')
-rw-r--r--sys/kern/sysv_ipc.c9
1 files changed, 6 insertions, 3 deletions
diff --git a/sys/kern/sysv_ipc.c b/sys/kern/sysv_ipc.c
index 0cbb4bb..7503760 100644
--- a/sys/kern/sysv_ipc.c
+++ b/sys/kern/sysv_ipc.c
@@ -125,19 +125,22 @@ ipcperm(struct thread *td, struct ipc_perm *perm, int acc_mode)
*/
priv_granted = 0;
if ((acc_mode & IPC_M) && !(dac_granted & IPC_M)) {
- error = priv_check(td, PRIV_IPC_ADMIN);
+ error = priv_check_cred(td->td_ucred, PRIV_IPC_ADMIN,
+ SUSER_ALLOWJAIL);
if (error == 0)
priv_granted |= IPC_M;
}
if ((acc_mode & IPC_R) && !(dac_granted & IPC_R)) {
- error = priv_check(td, PRIV_IPC_READ);
+ error = priv_check_cred(td->td_ucred, PRIV_IPC_READ,
+ SUSER_ALLOWJAIL);
if (error == 0)
priv_granted |= IPC_R;
}
if ((acc_mode & IPC_W) && !(dac_granted & IPC_W)) {
- error = priv_check(td, PRIV_IPC_WRITE);
+ error = priv_check_cred(td->td_ucred, PRIV_IPC_WRITE,
+ SUSER_ALLOWJAIL);
if (error == 0)
priv_granted |= IPC_W;
}
OpenPOWER on IntegriCloud