d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Sync up PRIV_IPC_{ADMIN,READ,WRITE} priv checks in ipcperm() with

Browse Source 
kern_jail.c: allow jailed root these privileges.  This only has an
effect if System V IPC is administratively enabled for the jail.
This commit is contained in:
Robert Watson 2007-02-20 00:06:59 +00:00
parent b12c55ab92
commit 2390d78f74
Notes: svn2git 2020-12-20 02:59:44 +00:00 
svn path=/head/; revision=166837
1 changed files with 6 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
sys/kern/sysv_ipc.c
View File

@ -125,19 +125,22 @@ ipcperm(struct thread *td, struct ipc_perm *perm, int acc_mode)
*/
priv_granted = 0;
if ((acc_mode & IPC_M) && !(dac_granted & IPC_M)) {
error = priv_check(td, PRIV_IPC_ADMIN);
error = priv_check_cred(td->td_ucred, PRIV_IPC_ADMIN,
SUSER_ALLOWJAIL);
if (error == 0)
priv_granted |= IPC_M;
}
if ((acc_mode & IPC_R) && !(dac_granted & IPC_R)) {
error = priv_check(td, PRIV_IPC_READ);
error = priv_check_cred(td->td_ucred, PRIV_IPC_READ,
SUSER_ALLOWJAIL);
if (error == 0)
priv_granted |= IPC_R;
}
if ((acc_mode & IPC_W) && !(dac_granted & IPC_W)) {
error = priv_check(td, PRIV_IPC_WRITE);
error = priv_check_cred(td->td_ucred, PRIV_IPC_WRITE,
SUSER_ALLOWJAIL);
if (error == 0)
priv_granted |= IPC_W;
}