PERFORCE change 120666 for review
Robert Watson
rwatson at FreeBSD.org
Thu May 31 14:33:34 UTC 2007
http://perforce.freebsd.org/chv.cgi?CH=120666
Change 120666 by rwatson at rwatson_zoo on 2007/05/31 14:33:06
No more SUSER_ALLOWJAIL.
Affected files ...
.. //depot/projects/trustedbsd/priv/sys/kern/kern_priv.c#6 edit
Differences ...
==== //depot/projects/trustedbsd/priv/sys/kern/kern_priv.c#6 (text+ko) ====
@@ -77,18 +77,8 @@
/*
* Jail policy will restrict certain privileges that may otherwise be
* be granted.
- *
- * While debugging the transition from SUSER_ALLOWJAIL to Jail being
- * aware of specific privileges, perform run-time checking that the
- * two versions of the policy align. This assertion will go away
- * once the SUSER_ALLOWJAIL flag has gone away.
*/
error = prison_priv_check(cred, priv);
-#ifdef NOTYET
- KASSERT(!jailed(cred) || error == ((flags & SUSER_ALLOWJAIL) ? 0 :
- EPERM), ("priv_check_cred: prison_priv_check %d but flags %s",
- error, flags & SUSER_ALLOWJAIL ? "allowjail" : "!allowjail"));
-#endif
if (error)
return (error);
More information about the p4-projects
mailing list