o Update an instance of 'unprivileged_procdebug_permitted' missed

in the previous commit: the comment should also call it
  'unprivileged_proc_debug'.
This commit is contained in:
rwatson 2001-12-03 19:10:21 +00:00
parent 8694133670
commit fb311b7cce

View File

@ -1464,12 +1464,12 @@ p_cansched(struct proc *p1, struct proc *p2)
}
/*
* The 'unprivileged_procdebug_permitted' flag may be used to disable
* a variety of unprivileged inter-process debugging services, including
* some procfs functionality, ptrace(), and ktrace(). In the past,
* inter-process debugging has been involved in a variety of security
* problems, and sites not requiring the service might choose to disable it
* when hardening systems.
* The 'unprivileged_proc_debug' flag may be used to disable a variety of
* unprivileged inter-process debugging services, including some procfs
* functionality, ptrace(), and ktrace(). In the past, inter-process
* debugging has been involved in a variety of security problems, and sites
* not requiring the service might choose to disable it when hardening
* systems.
*
* XXX: Should modifying and reading this variable require locking?
* XXX: data declarations should be together near the beginning of the file.