d/freebsd-nq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

o Modify open() and close() for /dev/random to use securelevel_gt() instead

Browse Source 
of direct securelevel variable checks.

Obtained from:	TrustedBSD Project
This commit is contained in:
Robert Watson 2001-09-26 20:15:42 +00:00
parent 8002488bd9
commit 19f1565901
1 changed files with 16 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
sys/dev/random/randomdev.c
View File

@ -141,17 +141,27 @@ SYSCTL_PROC(_kern_random_sys_harvest, OID_AUTO, interrupt,
static int static int
random_open(dev_t dev, int flags, int fmt, struct thread *td) random_open(dev_t dev, int flags, int fmt, struct thread *td)
{ {
if ((flags & FWRITE) && (securelevel > 0 || suser(td->td_proc))) int error;
return EPERM;
else if (flags & FWRITE) {
return 0; error = suser(td->td_proc);
if (error)
return (error);
error = securelevel_gt(td->td_proc->p_ucred, 0);
if (error)
return (error);
}
return 0;
} }
static int static int
random_close(dev_t dev, int flags, int fmt, struct thread *td) random_close(dev_t dev, int flags, int fmt, struct thread *td)
{ {
if ((flags & FWRITE) && !(securelevel > 0 || suser(td->td_proc))) if (flags & FWRITE) {
random_reseed(); if (!(suser(td->td_proc) ||
securelevel_gt(td->td_proc->p_ucred, 0)))
random_reseed();
}
return 0; return 0;
} }