cr_canseeothergids(): Policy change's manual pages impact

See previous commit that made cr_canseeothergids() use the new realgroupmember() function, taking into account real group IDs instead of effective ones. PR: 272093 Reviewed by: pauamma_gundo.com, mhorne Sponsored by: Kumacom SAS Differential Revision: https://reviews.freebsd.org/D40644 (cherry picked from commit 0452dd8413) Approved by: markj (mentor)
2024-10-03 15:15:01 +00:00 · 2023-08-18 01:54:46 +02:00 · 2023-08-18 01:54:46 +02:00 · 0297e7213c
parent f0951233c6
commit 0297e7213c
2 changed files with 5 additions and 5 deletions
--- a/share/man/man9/cr_bsd_visible.9
+++ b/share/man/man9/cr_bsd_visible.9
@ -97,7 +97,7 @@ and
 are not members of any common group
 .Po
 as determined by
-.Xr groupmember 9
+.Xr realgroupmember 9
 .Pc .
 .It Bq Er ESRCH
 Credentials
--- a/share/man/man9/cr_canseeothergids.9
+++ b/share/man/man9/cr_canseeothergids.9
@ -48,9 +48,9 @@ This function checks if a subject associated to credentials
 is denied seeing a subject or object associated to credentials
 .Fa u2
 by a policy that requires both credentials to have at least one group in common.
-For this determination, the effective and supplementary group IDs are used, but
-not the real group IDs, as per
-.Xr groupmember 9 .
+For this determination, the real and supplementary group IDs are used, but
+not the effective group IDs, as per
+.Xr realgroupmember 9 .
 .Pp
 This policy is active if and only if the
 .Xr sysctl 8
@ -79,5 +79,5 @@ Otherwise, it returns
 .Er ESRCH .
 .Sh SEE ALSO
 .Xr cr_bsd_visible 9 ,
-.Xr groupmember 9 ,
+.Xr realgroupmember 9 ,
 .Xr priv_check_cred 9