Date: Thu, 31 Oct 2002 14:35:00 -0800 (PST) From: Robert Watson <rwatson@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 20496 for review Message-ID: <200210312235.g9VMZ0PB024487@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=20496 Change 20496 by rwatson@rwatson_tislabs on 2002/10/31 14:34:51 Clarify, and in some cases, correct privilege checks. Affected files ... .. //depot/projects/trustedbsd/mac/sys/security/mac_biba/mac_biba.c#176 edit Differences ... ==== //depot/projects/trustedbsd/mac/sys/security/mac_biba/mac_biba.c#176 (text+ko) ==== @@ -1877,14 +1877,16 @@ struct label *label) { struct mac_biba *subj, *obj; + int error; if (!mac_biba_enabled) return (0); subj = SLOT(&cred->cr_label); - if (!mac_biba_subject_privileged(subj)) - return (EPERM); + error = mac_biba_subject_privileged(subj); + if (error) + return (error); if (label == NULL) return (0); @@ -1900,14 +1902,16 @@ mac_biba_check_system_settime(struct ucred *cred) { struct mac_biba *subj; + int error; if (!mac_biba_enabled) return (0); subj = SLOT(&cred->cr_label); - if (!mac_biba_subject_privileged(subj)) - return (EPERM); + error = mac_biba_subject_privileged(subj); + if (error) + return (error); return (0); } @@ -1917,6 +1921,7 @@ struct label *label) { struct mac_biba *subj, *obj; + int error; if (!mac_biba_enabled) return (0); @@ -1924,8 +1929,9 @@ subj = SLOT(&cred->cr_label); obj = SLOT(label); - if (!mac_biba_subject_privileged(subj)) - return (EPERM); + error = mac_biba_subject_privileged(subj); + if (error) + return (error); if (!mac_biba_high_single(obj)) return (EACCES); To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe p4-projects" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200210312235.g9VMZ0PB024487>