Delivered-To: p4-projects@freebsd.org
Date: Thu, 8 Aug 2002 15:18:53 -0700 (PDT)
Message-Id: <200208082218.g78MIrBo025581@freefall.freebsd.org>
From: Robert Watson
Subject: PERFORCE change 15703 for review
To: Perforce Change Reviews
Sender: owner-p4-projects@FreeBSD.ORG

http://people.freebsd.org/~peter/p4db/chv.cgi?CH=15703

Change 15703 by rwatson@rwatson_tislabs on 2002/08/08 15:18:28

Remove suser() exemptions for subject credential relabeling -- these were for debugging/development purposes only. The root user is no longer given special privilege to bypass label requirements for processes. Su and other user programs manipulating labels will still try to set the label based on user class policy, but they may fail if their own labels can't be relabeled to the requested user label for policy reasons. The only remaining explicit exemption for the superuser is for interface relabeling, and that probably requires us to have some notion of a security administrator role for MLS and Biba.

Affected files ...

.. //depot/projects/trustedbsd/mac/sys/security/mac_biba/mac_biba.c#95 edit
.. //depot/projects/trustedbsd/mac/sys/security/mac_mls/mac_mls.c#77 edit

Differences ...

==== //depot/projects/trustedbsd/mac/sys/security/mac_biba/mac_biba.c#95 (text+ko) ====
@@ -1261,13 +1261,6 @@ */ if (new->mb_flags & MAC_BIBA_FLAGS_BOTH) { /* - * Exempt traditional superuser processes from the Biba - * relabel requirements. XXXMAC: This will go away. - */ - if (suser_cred(cred, 0) == 0) - return (0); - - /* * To change the Biba single label on a credential, the * new single label must be in the current range. */
==== //depot/projects/trustedbsd/mac/sys/security/mac_mls/mac_mls.c#77 (text+ko) ====
@@ -1209,13 +1209,6 @@ */ if (new->mm_flags & MAC_MLS_FLAGS_BOTH) { /* - * Exempt traditional superuser processes from the MLS - * relabel requirements. XXXMAC: This will go away. - */ - if (suser_cred(cred, 0) == 0) - return (0); - - /* * To change the MLS single label on a credential, the * new single label must be in the current range. */
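Review bot: in the mac_biba.c hunk, the deleted `if (suser_cred(cred, 0) == 0) return (0);` was the only early exit inside the MAC_BIBA_FLAGS_BOTH branch, so after this change uid 0 falls through to the same "new single label must be in the current range" check as every other credential, which is exactly what the change description says and what the deleted "XXXMAC: This will go away" comment anticipated. The surviving comment above the range check says nothing about the superuser no longer being exempt, though, and since su can now fail for root when its own label cannot be relabeled, a one-line note there (or in the mac_biba documentation) would make that failure mode discoverable for anyone debugging a relabel that used to succeed.

Review bot: the mac_mls.c hunk is line for line the same removal as the Biba one (the same suser_cred(cred, 0) early return inside the MAC_MLS_FLAGS_BOTH branch, the same seven lines gone per the -13/+6 hunk header, the same surviving range-check comment), which is correct for this change but shows that the subject relabel check is duplicated across mac_biba.c and mac_mls.c; any later tightening of the relabel rule will have to be made twice, so it is worth keeping the two files' comments identical and cross-referencing them so the two policies do not drift apart.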