git: d9181d86c6ae - stable/14 - cr_bsd_visible(9): New man page
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Tue, 17 Oct 2023 19:43:29 UTC
The branch stable/14 has been updated by mhorne: URL: https://cgit.FreeBSD.org/src/commit/?id=d9181d86c6aed243927620b414a7c37b1ae613d7 commit d9181d86c6aed243927620b414a7c37b1ae613d7 Author: Olivier Certner <olce.freebsd@certner.fr> AuthorDate: 2023-08-17 23:54:40 +0000 Commit: Mitchell Horne <mhorne@FreeBSD.org> CommitDate: 2023-10-17 19:42:58 +0000 cr_bsd_visible(9): New man page Reviewed by: bcr, pauamma_gundo.com MFC after: 2 weeks Sponsored by: Kumacom SAS Differential Revision: https://reviews.freebsd.org/D40632 (cherry picked from commit 0d6bf73c4f20e6ed719c29c1b382d24bb0a81a2f) --- share/man/man9/Makefile | 1 + share/man/man9/cr_bsd_visible.9 | 117 ++++++++++++++++++++++++++++++++++++++++ 2 files changed, 118 insertions(+) diff --git a/share/man/man9/Makefile b/share/man/man9/Makefile index 71a11a7cc6c0..c3c81719b7d2 100644 --- a/share/man/man9/Makefile +++ b/share/man/man9/Makefile @@ -68,6 +68,7 @@ MAN= accept_filter.9 \ copy.9 \ counter.9 \ cpuset.9 \ + cr_bsd_visible.9 \ cr_cansee.9 \ cr_canseejailproc.9 \ cr_canseeothergids.9 \ diff --git a/share/man/man9/cr_bsd_visible.9 b/share/man/man9/cr_bsd_visible.9 new file mode 100644 index 000000000000..bd676e6f5705 --- /dev/null +++ b/share/man/man9/cr_bsd_visible.9 @@ -0,0 +1,117 @@ +.\" +.\" SPDX-License-Identifier: BSD-2-Clause +.\" +.\" Copyright (c) 2023 Olivier Certner <olce.freebsd@certner.fr> +.\" +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. +.\" +.\" THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS'' AND ANY EXPRESS OR +.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES +.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. +.\" IN NO EVENT SHALL THE DEVELOPERS BE LIABLE FOR ANY DIRECT, INDIRECT, +.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT +.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF +.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +.\" +.Dd August 18, 2023 +.Dt CR_BSD_VISIBLE 9 +.Os +.Sh NAME +.Nm cr_bsd_visible +.Nd determine if subjects may see entities according to BSD security policies +.Sh SYNOPSIS +.In sys/proc.h +.Ft int +.Fn cr_bsd_visible "struct ucred *u1" "struct ucred *u2" +.Sh DESCRIPTION +This function determines if a subject with credentials +.Fa u1 +is denied seeing an object or subject associated to credentials +.Fa u2 +by the following policies and associated +.Xr sysctl 8 +knobs: +.Bl -tag -width indent +.It Va security.bsd.seeotheruids +If set to 0, subjects cannot see other subjects or objects if they are not +associated with the same real user ID. +The corresponding internal function is +.Xr cr_canseeotheruids 9 . +.It Va security.bsd.seeothergids +If set to 0, subjects cannot see other subjects or objects if they are not both +a member of at least one common group. +The corresponding internal function is +.Xr cr_canseeothergids 9 . +.It Va security.bsd.see_jail_proc +If set to 0, subjects cannot see other subjects or objects that are not +associated with the same jail as they are. +The corresponding internal function is +.Xr cr_canseejailproc 9 . +.El +.Pp +As usual, the superuser (effective user ID 0) is exempt from any of these +policies provided that the +.Xr sysctl 8 +variable +.Va security.bsd.suser_enabled +is non-zero and no active MAC policy explicitly denies the exemption +.Po +see +.Xr priv_check_cred 9 +.Pc . +.Pp +This function is intended to be used as a helper to implement +.Xr cr_cansee 9 +and similar functions. +.Sh RETURN VALUES +This function returns zero if a subject with credentials +.Fa u1 +may see a subject or object with credentials +.Fa u2 +by the active above-mentioned policies, or +.Er ESRCH +otherwise. +.Sh ERRORS +.Bl -tag -width Er +.It Bq Er ESRCH +Credentials +.Fa u1 +and +.Fa u2 +do not have the same real user ID. +.It Bq Er ESRCH +Credentials +.Fa u1 +and +.Fa u2 +are not members of any common group +.Po +as determined by +.Xr groupmember 9 +.Pc . +.It Bq Er ESRCH +Credentials +.Fa u1 +and +.Fa u2 +are not in the same jail. +.El +.Sh SEE ALSO +.Xr cr_canseeotheruids 9 , +.Xr cr_canseeothergids 9 , +.Xr cr_canseejailproc 9 , +.Xr priv_check_cred 9 , +.Xr cr_cansee 9 +.Sh AUTHORS +This function and its manual page were written by +.An Olivier Certner Aq Mt olce.freebsd@certner.fr .