o Restructure privilege check associated with process visibility for

ps_showallprocs such that if superuser is present to override process hiding, the search falls through [to success]. When additional restrictions are placed on process visibility, such as MAC, new clauses will be placed above the return(0). Obtained from: TrustedBSD Project
2001-03-29 22:59:44 +00:00 · 2001-03-29 22:59:44 +00:00 · 70020cb701
commit 70020cb701
parent 4aa742e5f2
1 changed files with 1 additions and 3 deletions
--- a/sys/kern/kern_prot.c
+++ b/sys/kern/kern_prot.c
@ -984,9 +984,7 @@ u_cansee(struct ucred *u1, struct ucred *u2)
 	if ((error = prison_check(u1, u2)))
 		return (error);
 	if (!ps_showallprocs && u1->cr_uid != u2->cr_uid) {
-		if (suser_xxx(u1, NULL, PRISON_ROOT) == 0)
-			return (0);
-		else
+		if (suser_xxx(u1, NULL, PRISON_ROOT) != 0)
 			return (ESRCH);
 	}
 	return (0);