o Remove the disabled p_cansched() test cases that permitted users to

modify the scheduling properties of processes with a different real
  uid but the same effective uid (i.e., daemons, et al).  (note: these
  cases were previously commented out, so this does not change the
  compiled code at al)

Obtained from:	TrustedBSD Project
This commit is contained in:
Robert Watson 2001-04-27 01:56:32 +00:00
parent 23936bbf45
commit 80c9c40df9

View File

@ -1143,17 +1143,6 @@ p_cansched(struct proc *p1, struct proc *p2, int *privused)
return (0);
if (p1->p_ucred->cr_uid == p2->p_cred->p_ruid)
return (0);
#if 0
/*
* XXX should a process be able to affect another process
* acting as the same uid (i.e., sendmail delivery, lpd,
* et al?)
*/
if (p1->p_cred->p_ruid == p2->p_ucred->cr_uid)
return (0);
if (p1->p_ucred->cr_uid == p2->p_ucred->cr_uid)
return (0);
#endif /* 0 */
if (!suser_xxx(0, p1, PRISON_ROOT)) {
if (privused != NULL)