From owner-cvs-all  Tue Oct  9 14:40:36 2001
Delivered-To: cvs-all@freebsd.org
Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21])
	by hub.freebsd.org (Postfix) with ESMTP
	id 5BB9E37B408; Tue,  9 Oct 2001 14:40:31 -0700 (PDT)
Received: (from rwatson@localhost)
	by freefall.freebsd.org (8.11.4/8.11.4) id f99LeVA74145;
	Tue, 9 Oct 2001 14:40:31 -0700 (PDT)
	(envelope-from rwatson)
Message-Id: <200110092140.f99LeVA74145@freefall.freebsd.org>
From: Robert Watson <rwatson@FreeBSD.org>
Date: Tue, 9 Oct 2001 14:40:31 -0700 (PDT)
To: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org
Subject: cvs commit: src/sys/kern kern_proc.c kern_prot.c uipc_socket.c
         uipc_usrreq.c src/sys/netinet raw_ip.c tcp_subr.c udp_usrreq.c
X-FreeBSD-CVS-Branch: HEAD
Sender: owner-cvs-all@FreeBSD.ORG
Precedence: bulk
List-ID: <cvs-all.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20cvs-all>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20cvs-all>
X-Loop: FreeBSD.ORG

rwatson     2001/10/09 14:40:31 PDT

  Modified files:
    sys/kern             kern_proc.c kern_prot.c uipc_socket.c 
                         uipc_usrreq.c 
    sys/netinet          raw_ip.c tcp_subr.c udp_usrreq.c 
  Log:
  - Combine kern.ps_showallprocs and kern.ipc.showallsockets into
    a single kern.security.seeotheruids_permitted, describes as:
    "Unprivileged processes may see subjects/objects with different real uid"
    NOTE: kern.ps_showallprocs exists in -STABLE, and therefore there is
    an API change.  kern.ipc.showallsockets does not.
  - Check kern.security.seeotheruids_permitted in cr_cansee().
  - Replace visibility calls to socheckuid() with cr_cansee() (retain
    the change to socheckuid() in ipfw, where it is used for rule-matching).
  - Remove prison_unpcb() and make use of cr_cansee() against the UNIX
    domain socket credential instead of comparing root vnodes for the
    UDS and the process.  This allows multiple jails to share the same
    chroot() and not see each others UNIX domain sockets.
  - Remove unused socheckproc().
  
  Now that cr_cansee() is used universally for socket visibility, a variety
  of policies are more consistently enforced, including uid-based
  restrictions and jail-based restrictions.  This also better-supports
  the introduction of additional MAC models.
  
  Reviewed by:	ps, billf
  Obtained from:	TrustedBSD Project
  
  Revision  Changes    Path
  1.102     +1 -5      src/sys/kern/kern_proc.c
  1.111     +13 -3     src/sys/kern/kern_prot.c
  1.102     +1 -20     src/sys/kern/uipc_socket.c
  1.74      +4 -14     src/sys/kern/uipc_usrreq.c
  1.85      +3 -3      src/sys/netinet/raw_ip.c
  1.116     +4 -4      src/sys/netinet/tcp_subr.c
  1.98      +4 -4      src/sys/netinet/udp_usrreq.c


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message