From 4d410d139bf17c0573aa38279836a39fd20fbec1 Mon Sep 17 00:00:00 2001 From: rwatson Date: Tue, 28 Oct 2008 09:16:34 +0000 Subject: Extended comment on why we consider a partition relabel request of "0" to be a no-op request, and why this might have to change if we want to allow leaving a partition someday. Obtained from: TrustedBSD Project MFC after: 3 days --- sys/security/mac_partition/mac_partition.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) (limited to 'sys') diff --git a/sys/security/mac_partition/mac_partition.c b/sys/security/mac_partition/mac_partition.c index d684ea9c..425a188 100644 --- a/sys/security/mac_partition/mac_partition.c +++ b/sys/security/mac_partition/mac_partition.c @@ -114,7 +114,13 @@ partition_cred_check_relabel(struct ucred *cred, struct label *newlabel) error = 0; - /* Treat "0" as a no-op request. */ + /* + * Treat "0" as a no-op request because it reflects an unset + * partition label. If we ever want to support switching back to an + * unpartitioned state for a process, we'll need to differentiate the + * "not in a partition" and "no partition defined during internalize" + * conditions. + */ if (SLOT(newlabel) != 0) { /* * Require BSD privilege in order to change the partition. -- cgit v1.1
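Review bot: The expanded comment in partition_cred_check_relabel() explains why "0" is treated as unset, but it does not state the consequence visible in this hunk: error is initialised to 0 and the "Require BSD privilege" check sits inside the `if (SLOT(newlabel) != 0)` branch, so a relabel request of 0 skips that branch entirely. Consider adding a sentence saying that such a request is deliberately not subject to the privilege check in that branch, since this is the property anyone implementing "leave a partition" later will have to revisit. The bare 0 in `SLOT(newlabel) != 0` also carries both meanings the comment describes ("not in a partition" and "no partition defined during internalize"); a named constant for the unset value would make that overloading visible at the comparison itself rather than only in the comment.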