d/freebsd-skq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add PRIV_VFS_STAT privilege, which will allow overriding policy limits on

Browse Source 
the right to stat() a file, such as in mac_bsdextended.

Obtained from:	TrustedBSD Project
MFC after:	3 months
This commit is contained in:
rwatson 2007-10-21 22:50:11 +00:00
parent 96e4f348f4
commit 2bd7685cc6
2 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
sys/kern/kern_jail.c
View File

@ -684,6 +684,7 @@ prison_priv_check(struct ucred *cred, int priv)
case PRIV_VFS_FCHROOT:
case PRIV_VFS_LINK:
case PRIV_VFS_SETGID:
case PRIV_VFS_STAT:
case PRIV_VFS_STICKYFILE:
return (0);

1
sys/sys/priv.h
View File

@ -277,6 +277,7 @@
#define PRIV_VFS_STICKYFILE 341 /* Can set sticky bit on file. */
#define PRIV_VFS_SYSFLAGS 342 /* Can modify system flags. */
#define PRIV_VFS_UNMOUNT 343 /* Can unmount(). */
#define PRIV_VFS_STAT 344 /* Override vnode MAC stat perm. */
/*
* Virtual memory privileges.