PERFORCE change 114558 for review
Robert Watson
rwatson at FreeBSD.org
Thu Feb 15 14:35:23 UTC 2007
http://perforce.freebsd.org/chv.cgi?CH=114558
Change 114558 by rwatson at rwatson_cinnamon on 2007/02/15 14:34:57
Make privilege check for differing uids setting process flags via
procfs the same as using other debugging mechanisms: allow in jail.
Affected files ...
.. //depot/projects/trustedbsd/priv/sys/fs/procfs/procfs_ioctl.c#7 edit
Differences ...
==== //depot/projects/trustedbsd/priv/sys/fs/procfs/procfs_ioctl.c#7 (text+ko) ====
@@ -110,11 +110,9 @@
* XXXRW: Is this specific check required here, as
* p_candebug() should implement it, or other checks
* are missing.
- *
- * XXXRW: Other debugging privileges are granted in
- * jail, why isn't this?
*/
- error = priv_check(td, PRIV_DEBUG_SUGID);
+ error = priv_check_cred(td->td_ucred,
+ PRIV_DEBUG_SUGID, SUSER_ALLOWJAIL);
if (error)
break;
}
More information about the p4-projects
mailing list