PERFORCE change 117838 for review
Robert Watson
rwatson at FreeBSD.org
Tue Apr 10 13:19:49 UTC 2007
http://perforce.freebsd.org/chv.cgi?CH=117838
Change 117838 by rwatson at rwatson_zoo on 2007/04/10 13:19:18
We do allow POSIX message queue privileges in jail in almost all cases,
so make it all.
Affected files ...
.. //depot/projects/trustedbsd/priv/sys/kern/uipc_mqueue.c#8 edit
Differences ...
==== //depot/projects/trustedbsd/priv/sys/kern/uipc_mqueue.c#8 (text+ko) ====
@@ -961,12 +961,9 @@
sx_assert(&pn->mn_info->mi_lock, SX_LOCKED);
- /*
- * XXXRW: Other instances of the message queue primitive are
- * allowed in jail?
- */
if (ucred->cr_uid != pn->mn_uid &&
- (error = priv_check_cred(ucred, PRIV_MQ_ADMIN, 0)) != 0)
+ (error = priv_check_cred(ucred, PRIV_MQ_ADMIN,
+ SUSER_ALLOWJAIL)) != 0)
error = EACCES;
else if (!pn->mn_deleted) {
parent = pn->mn_parent;
More information about the p4-projects
mailing list