From dd84acd074f137b6401d808ccbc179863479bac1 Mon Sep 17 00:00:00 2001
From: Poul-Henning Kamp <phk@FreeBSD.org>
Date: Sat, 30 Jan 1999 12:28:49 +0000
Subject: [PATCH] Put a comment here about using suser() to determine
 super-user-ness. Using suser() means that the p_acflag will (can) be set, to
 show that a process used super-powers during execution.  It also makes it
 easier to restrict roots we don't trust later on.

Reviewed by:	bde
---
 sys/sys/ucred.h | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/sys/sys/ucred.h b/sys/sys/ucred.h
index d3899c3b4c50..c0e9cc20c127 100644
--- a/sys/sys/ucred.h
+++ b/sys/sys/ucred.h
@@ -31,7 +31,7 @@
  * SUCH DAMAGE.
  *
  *	@(#)ucred.h	8.4 (Berkeley) 1/9/95
- * $Id$
+ * $Id: ucred.h,v 1.8 1997/02/22 09:46:19 peter Exp $
  */
 
 #ifndef _SYS_UCRED_H_
@@ -39,6 +39,9 @@
 
 /*
  * Credentials.
+ *
+ * Please do not inspect cr_uid directly to determine superuserness.
+ * only the suser() function should be used for this.
  */
 struct ucred {
 	u_short	cr_ref;			/* reference count */