Date: Tue, 10 Apr 2007 13:19:48 GMT From: Robert Watson <rwatson@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 117838 for review Message-ID: <200704101319.l3ADJmai011318@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=117838 Change 117838 by rwatson@rwatson_zoo on 2007/04/10 13:19:18 We do allow POSIX message queue privileges in jail in almost all cases, so make it all. Affected files ... .. //depot/projects/trustedbsd/priv/sys/kern/uipc_mqueue.c#8 edit Differences ... ==== //depot/projects/trustedbsd/priv/sys/kern/uipc_mqueue.c#8 (text+ko) ==== @@ -961,12 +961,9 @@ sx_assert(&pn->mn_info->mi_lock, SX_LOCKED); - /* - * XXXRW: Other instances of the message queue primitive are - * allowed in jail? - */ if (ucred->cr_uid != pn->mn_uid && - (error = priv_check_cred(ucred, PRIV_MQ_ADMIN, 0)) != 0) + (error = priv_check_cred(ucred, PRIV_MQ_ADMIN, + SUSER_ALLOWJAIL)) != 0) error = EACCES; else if (!pn->mn_deleted) { parent = pn->mn_parent;
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200704101319.l3ADJmai011318>