git: 2ecbfdaecbd0 - stable/14 - cr_cansee(9): cr_bsd_visible() impacts, simplifications

From: Mitchell Horne <mhorne_at_FreeBSD.org>
Date: Tue, 17 Oct 2023 19:43:33 UTC
The branch stable/14 has been updated by mhorne:

URL: https://cgit.FreeBSD.org/src/commit/?id=2ecbfdaecbd009d32b2453c7b2bd6c33656b92ef

commit 2ecbfdaecbd009d32b2453c7b2bd6c33656b92ef
Author:     Olivier Certner <olce.freebsd@certner.fr>
AuthorDate: 2023-08-17 23:54:42 +0000
Commit:     Mitchell Horne <mhorne@FreeBSD.org>
CommitDate: 2023-10-17 19:42:58 +0000

    cr_cansee(9): cr_bsd_visible() impacts, simplifications
    
    Remove references to cr_canseeothergids(9) and cr_canseeotheruids(9).
    Defer to cr_bsd_visible() for controlling sysctl(8) variables.
    
    Reviewed by:            bcr, mhorne
    MFC after:              2 weeks
    Sponsored by:           Kumacom SAS
    Differential Revision:  https://reviews.freebsd.org/D40636
    
    (cherry picked from commit 82f9bc9ea8ed660c61050ad1d92f1a64108c7004)
---
 share/man/man9/cr_cansee.9 | 61 ++++++++++++++++++++--------------------------
 1 file changed, 27 insertions(+), 34 deletions(-)

diff --git a/share/man/man9/cr_cansee.9 b/share/man/man9/cr_cansee.9
index 4824a231170b..d5cdfdd6f8e5 100644
--- a/share/man/man9/cr_cansee.9
+++ b/share/man/man9/cr_cansee.9
@@ -1,5 +1,6 @@
 .\"
 .\" Copyright (c) 2006 Ceri Davies <ceri@FreeBSD.org>
+.\" Copyright (c) 2023 Olivier Certner <olce.freebsd@certner.fr>
 .\"
 .\" All rights reserved.
 .\"
@@ -23,43 +24,39 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd November 19, 2006
+.Dd August 18, 2023
 .Dt CR_CANSEE 9
 .Os
 .Sh NAME
 .Nm cr_cansee
 .Nd "determine visibility of objects given their user credentials"
 .Sh SYNOPSIS
-.In sys/param.h
-.In sys/systm.h
-.In sys/ucred.h
+.In sys/proc.h
 .Ft int
 .Fn cr_cansee "struct ucred *u1" "struct ucred *u2"
 .Sh DESCRIPTION
-This function determines the visibility of objects in the
-kernel based on the real user IDs and group IDs in the credentials
+This function determines if a subject with credential
 .Fa u1
-and
-.Fa u2
-associated with them.
+can see a subject or object associated to credential
+.Fa u2 .
 .Pp
-The visibility of objects is influenced by the
+Specific types of subjects may need to submit to additional or different
+restrictions.
+As an example, for processes, see
+.Xr p_cansee 9 ,
+which calls this function.
+.Pp
+The implementation relies on
+.Xr cr_bsd_visible 9
+and consequently the
 .Xr sysctl 8
-variables
-.Va security.bsd.see_other_gids
-and
-.Va security.bsd.see_other_uids ,
-as per the description in
-.Xr cr_canseeothergids 9
-and
-.Xr cr_canseeotheruids 9
-respectively.
+variables referenced in its manual page influence the result.
 .Sh RETURN VALUES
-This function returns zero if the object with credential
+This function returns zero if the subject with credential
 .Fa u1
 can
 .Dq see
-the object with credential
+the subject or object with credential
 .Fa u2 ,
 or
 .Er ESRCH
@@ -67,24 +64,20 @@ otherwise.
 .Sh ERRORS
 .Bl -tag -width Er
 .It Bq Er ESRCH
-The object with credential
-.Fa u1
-cannot
-.Dq see
-the object with credential
-.Fa u2 .
-.It Bq Er ESRCH
-The object with credential
+The subject with credential
 .Fa u1
-has been jailed and the object with credential
+has been jailed and the subject or object with credential
 .Fa u2
-does not belong to the same jail as
-.Fa u1 .
+does not belong to the same jail or one of its sub-jails, as determined by
+.Xr prison_check 9 .
 .It Bq Er ESRCH
 The MAC subsystem denied visibility.
+.It Bq Er ESRCH
+.Xr cr_bsd_visible 9
+denied visibility according to the BSD security policies in force.
 .El
 .Sh SEE ALSO
-.Xr cr_canseeothergids 9 ,
-.Xr cr_canseeotheruids 9 ,
+.Xr prison_check 9 ,
 .Xr mac 9 ,
+.Xr cr_bsd_visible 9 ,
 .Xr p_cansee 9