Date: Thu, 17 May 2001 14:48:45 -0700 (PDT) From: Robert Watson <rwatson@FreeBSD.org> To: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: cvs commit: src/sys/kern kern_prot.c Message-ID: <200105172148.f4HLmj632630@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
rwatson 2001/05/17 14:48:45 PDT
Modified files:
sys/kern kern_prot.c
Log:
o Modify access control checks in p_candebug() such that the policy is as
follows: the effective uid of p1 (subject) must equal the real, saved,
and effective uids of p2 (object), p2 must not have undergone a
credential downgrade. A subject with appropriate privilege may override
these protections.
In the future, we will extend these checks to require that p1 effective
group membership must be a superset of p2 effective group membership.
Obtained from: TrustedBSD Project
Revision Changes Path
1.90 +4 -4 src/sys/kern/kern_prot.c
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200105172148.f4HLmj632630>