freebsd-skq/sys
Robert Watson 44533b1722
Re-implement kernel access control for quotactl() as found in the
UFS quota implementation.  Push some quite broken access control
logic out of ufs_quotactl() into the individual command
implementations in ufs_quota.c; fix that logic.  Pass in the thread
argument to any quotactl command that will need to perform access
control.

o quotaon() requires privilege (PRISON_ROOT).

o quotaoff() requires privilege (PRISON_ROOT).

o getquota() requires that:

    If the type is USRQUOTA, either the effective uid match the
    requested quota ID, that the unprivileged_get_quota flag be
    set, or that the thread be privileged (PRISON_ROOT).

    If the type is GRPQUOTA, require that either the thread be
    a member of the group represented by the requested quota ID,
    that the unprivileged_get_quota flag be set, or that the
    thread be privileged (PRISON_ROOT).

o setquota() requires privilege (PRISON_ROOT).

o setuse() requires privilege (PRISON_ROOT).

o qsync() requires no special privilege (consistent with what
  was present before, but probably not very useful).

Add a new sysctl, security.bsd.unprivileged_get_quota, which when
set to a non-zero value, will permit unprivileged users to query user
quotas with non-matching uids and gids.  Set this to 0 by default
to be mostly consistent with the previous behavior (the same for
USRQUOTA, but not for GRPQUOTA).

Obtained from:	TrustedBSD Project
Sponsored by:	DARPA, Network Associates Laboratories
2003-06-15 06:36:19 +00:00
alpha Don't set TDF_UPCALLING in cpu_set_upcall, it is not only used by 2003-06-15 00:54:07 +00:00
amd64 Rename P_THREADED to P_SA. P_SA means a process is using scheduler 2003-06-15 00:31:24 +00:00
arm sys/sys/limits.h: 2003-05-19 20:29:07 +00:00
boot Don't start the beastie menu if the 'beastie_disable' variable is set to 2003-06-10 22:04:09 +00:00
cam Merge common XPT_CALC_GEOMETRY functions into a single convenience function. 2003-06-14 22:17:41 +00:00
coda Initialize struct vfsops C99-sparsely. 2003-06-12 20:48:38 +00:00
compat Rename P_THREADED to P_SA. P_SA means a process is using scheduler 2003-06-15 00:31:24 +00:00
conf Remove CPU_ATHLON_SSE_HACK option. 2003-06-15 04:29:37 +00:00
contrib This commit was generated by cvs2svn to compensate for changes in r115367, 2003-05-28 17:32:31 +00:00
crypto Use __FBSDID(). 2003-06-10 21:44:29 +00:00
ddb Rename P_THREADED to P_SA. P_SA means a process is using scheduler 2003-06-15 00:31:24 +00:00
dev - Enable support for building Configuration ROM. 2003-06-15 04:09:26 +00:00
fs Fix some style problems, some of which are old, some new, and some 2003-06-15 02:21:13 +00:00
geom Use __FBSDID(). 2003-06-11 06:49:16 +00:00
gnu Initialize struct vfsops C99-sparsely. 2003-06-12 20:48:38 +00:00
i4b Use __FBSDID(). 2003-06-11 00:01:05 +00:00
i386 Rename P_THREADED to P_SA. P_SA means a process is using scheduler 2003-06-15 00:31:24 +00:00
ia64 Rename P_THREADED to P_SA. P_SA means a process is using scheduler 2003-06-15 00:31:24 +00:00
isa Use __FBSDID(). 2003-06-11 00:34:37 +00:00
isofs/cd9660 Initialize struct vfsops C99-sparsely. 2003-06-12 20:48:38 +00:00
kern - Increase the ksegrp's cpu time history buffer to 250ms. 2003-06-15 04:14:25 +00:00
libkern Use __FBSDID(). 2003-06-11 05:37:42 +00:00
modules Include "../Makefile.inc" 2003-06-15 04:27:22 +00:00
net Fix a typo in an ATM media name. As this name was not use yet, no problems 2003-06-02 09:13:08 +00:00
netatalk - Use if_broadcastaddr from struct ifnet rather than relying on 2003-03-21 17:53:16 +00:00
netatm Use __FBSDID(). 2003-06-11 07:22:30 +00:00
netgraph Use the <sys/bitstring.h> rather than <bitstring.h> 2003-06-13 19:40:44 +00:00
netinet In the PKT_ALIAS_PROXY_ONLY mode, make sure to preserve the 2003-06-13 21:54:01 +00:00
netinet6 Add definitions for IN6ADDR_LINKLOCAL_ALLMDNS_INIT and INADDR_ALLMDNS_GROUP. 2003-04-29 22:03:46 +00:00
netipsec Introduce an M_ASSERTPKTHDR() macro which performs the very common task 2003-04-08 14:25:47 +00:00
netipx Use __FBSDID(). 2003-06-11 05:37:42 +00:00
netkey Use __FBSDID(). 2003-06-11 05:37:42 +00:00
netnatm Use __FBSDID(). 2003-06-11 05:37:42 +00:00
netncp Use __FBSDID(). 2003-06-11 05:37:42 +00:00
netsmb Avoid dereferencing the thread pointer in smb_iod_addrq() if it's NULL. 2003-06-14 15:45:34 +00:00
nfs Back out M_* changes, per decision of the TRB. 2003-02-19 05:47:46 +00:00
nfsclient Initialize struct vfsops C99-sparsely. 2003-06-12 20:48:38 +00:00
nfsserver Use __FBSDID(). 2003-06-11 05:37:42 +00:00
opencrypto Use __FBSDID(). 2003-06-11 05:57:50 +00:00
pc98 Disable unneeded devices and options. 2003-06-15 04:31:52 +00:00
pccard OLDCARD is OBSOLETE_IN_6. Tag it as such. 2003-06-12 04:46:43 +00:00
pci Merge common XPT_CALC_GEOMETRY functions into a single convenience function. 2003-06-14 22:17:41 +00:00
posix4 Use __FBSDID(). 2003-06-11 06:34:30 +00:00
powerpc Migrate the thread stack management functions from the machine-dependent 2003-06-14 23:23:55 +00:00
rpc
security Use __FBSDID(). 2003-06-11 00:56:59 +00:00
sparc64 Rename P_THREADED to P_SA. P_SA means a process is using scheduler 2003-06-15 00:31:24 +00:00
sys 1. Migrate TDF_UPCALLING from td_flags to td_pflags. 2003-06-15 03:18:58 +00:00
tools MFp4: 2003-03-28 06:43:50 +00:00
ufs Re-implement kernel access control for quotactl() as found in the 2003-06-15 06:36:19 +00:00
vm Use #ifdef __alpha__, not __alpha. 2003-06-15 00:12:42 +00:00
Makefile Exclude sys/boot for amd64. There are still toolchain issues to deal 2003-05-08 06:35:39 +00:00