git: e04b81f8b76c - stable/14 - cr_canseeotheruids(9): Revamp, mark as internal

From: Mitchell Horne <mhorne_at_FreeBSD.org>
Date: Tue, 17 Oct 2023 19:43:32 UTC
The branch stable/14 has been updated by mhorne:

URL: https://cgit.FreeBSD.org/src/commit/?id=e04b81f8b76ceb31abec1c739b42e70433047d3d

commit e04b81f8b76ceb31abec1c739b42e70433047d3d
Author:     Olivier Certner <olce.freebsd@certner.fr>
AuthorDate: 2023-08-17 23:54:42 +0000
Commit:     Mitchell Horne <mhorne@FreeBSD.org>
CommitDate: 2023-10-17 19:42:58 +0000

    cr_canseeotheruids(9): Revamp, mark as internal
    
    Significantly clarify.  Replace references to cr_canseeothergids(9) by
    ones to cr_bsd_visible(9).
    
    Reviewed by:            bcr, mhorne
    MFC after:              2 weeks
    Sponsored by:           Kumacom SAS
    Differential Revision:  https://reviews.freebsd.org/D40635
    
    (cherry picked from commit 4ddd253b38dff8725555355cc1b5238b1bbfd380)
---
 share/man/man9/cr_canseeotheruids.9 | 73 ++++++++++++++++++-------------------
 1 file changed, 36 insertions(+), 37 deletions(-)

diff --git a/share/man/man9/cr_canseeotheruids.9 b/share/man/man9/cr_canseeotheruids.9
index 80acc2d7a6ca..230c5ea59b78 100644
--- a/share/man/man9/cr_canseeotheruids.9
+++ b/share/man/man9/cr_canseeotheruids.9
@@ -1,5 +1,6 @@
 .\"
 .\" Copyright (c) 2003 Joseph Koshy <jkoshy@FreeBSD.org>
+.\" Copyright (c) 2023 Olivier Certner <olce.freebsd@certner.fr>
 .\"
 .\" All rights reserved.
 .\"
@@ -25,56 +26,54 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd November 11, 2003
+.Dd August 18, 2023
 .Dt CR_CANSEEOTHERUIDS 9
 .Os
 .Sh NAME
 .Nm cr_canseeotheruids
-.Nd determine visibility of objects given their user credentials
+.Nd determine if subjects may see entities with differing user ID
 .Sh SYNOPSIS
 .Ft int
 .Fn cr_canseeotheruids "struct ucred *u1" "struct ucred *u2"
 .Sh DESCRIPTION
-This function determines the visibility of objects in the
-kernel based on the real user IDs in the credentials
+.Bf -emphasis
+This function is internal.
+Its functionality is integrated into the function
+.Xr cr_bsd_visible 9 ,
+which should be called instead.
+.Ef
+.Pp
+This function checks if a subject associated to credentials
 .Fa u1
-and
+is denied seeing a subject or object associated to credentials
 .Fa u2
-associated with them.
+by a policy that requires both credentials to have the same real user ID.
 .Pp
-The visibility of objects is influenced by the
+This policy is active if and only if the
 .Xr sysctl 8
 variable
-.Va security.bsd.see_other_uids .
-If this variable is non-zero then all objects in the kernel
-are visible to each other irrespective of their user IDs.
-If this variable is zero then the object with credentials
-.Fa u2
-is visible to the object with credentials
-.Fa u1
-if either
-.Fa u1
-is the super-user credential, or if
-.Fa u1
-and
-.Fa u2
-have the same real user ID.
-.Sh SYSCTL VARIABLES
-.Bl -tag -width indent
-.It Va security.bsd.see_other_uids
-Must be non-zero if objects with unprivileged credentials are to be
-able to see each other.
-.El
+.Va security.bsd.see_other_uids
+is set to zero.
+.Pp
+As usual, the superuser (effective user ID 0) is exempt from this policy
+provided that the
+.Xr sysctl 8
+variable
+.Va security.bsd.suser_enabled
+is non-zero and no active MAC policy explicitly denies the exemption
+.Po
+see
+.Xr priv_check_cred 9
+.Pc .
 .Sh RETURN VALUES
-This function returns zero if the object with credential
+The
+.Fn cr_canseeotheruids
+function returns 0 if the policy is disabled, both credentials have the same
+real user ID, or if
 .Fa u1
-can
-.Dq see
-the object with credential
-.Fa u2 ,
-or
-.Er ESRCH
-otherwise.
+has privilege exempting it from the policy.
+Otherwise, it returns
+.Er ESRCH .
 .Sh SEE ALSO
-.Xr cr_canseeothergids 9 ,
-.Xr p_candebug 9
+.Xr cr_bsd_visible 9 ,
+.Xr priv_check_cred 9