system/freebsd-src
system/freebsd-src
1
0
Fork 0
mirror of https://github.com/freebsd/freebsd-src synced 2024-07-22 02:37:15 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

cr_canseeotheruids(9): Revamp, mark as internal

Browse source 
Significantly clarify.  Replace references to cr_canseeothergids(9) by
ones to cr_bsd_visible(9).

Reviewed by:            bcr, mhorne
MFC after:              2 weeks
Sponsored by:           Kumacom SAS
Differential Revision:  https://reviews.freebsd.org/D40635
This commit is contained in:
Olivier Certner 2023-08-18 01:54:42 +02:00 committed by Mitchell Horne
parent 75a45ca3b3
commit 4ddd253b38
1 changed files with 38 additions and 39 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

77
share/man/man9/cr_canseeotheruids.9
View file

@ -1,5 +1,6 @@
.\"
.\" Copyright (c) 2003 Joseph Koshy <jkoshy@FreeBSD.org>
.\" Copyright (c) 2023 Olivier Certner <olce.freebsd@certner.fr>
.\"
.\" All rights reserved.
.\"
@ -25,56 +26,54 @@
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.Dd November 11, 2003
.Dd August 18, 2023
.Dt CR_CANSEEOTHERUIDS 9
.Os
.Sh NAME
.Nm cr_canseeotheruids
.Nd determine visibility of objects given their user credentials
.Nd determine if subjects may see entities with differing user ID
.Sh SYNOPSIS
.Ft int
.Fn cr_canseeotheruids "struct ucred *u1" "struct ucred *u2"
.Sh DESCRIPTION
This function determines the visibility of objects in the
kernel based on the real user IDs in the credentials
.Fa u1
and
.Fa u2
associated with them.
.Bf -emphasis
This function is internal.
Its functionality is integrated into the function
.Xr cr_bsd_visible 9 ,
which should be called instead.
.Ef
.Pp
The visibility of objects is influenced by the
This function checks if a subject associated to credentials
.Fa u1
is denied seeing a subject or object associated to credentials
.Fa u2
by a policy that requires both credentials to have the same real user ID.
.Pp
This policy is active if and only if the
.Xr sysctl 8
variable
.Va security.bsd.see_other_uids .
If this variable is non-zero then all objects in the kernel
are visible to each other irrespective of their user IDs.
If this variable is zero then the object with credentials
.Fa u2
is visible to the object with credentials
.Fa u1
if either
.Fa u1
is the super-user credential, or if
.Fa u1
and
.Fa u2
have the same real user ID.
.Sh SYSCTL VARIABLES
.Bl -tag -width indent
.It Va security.bsd.see_other_uids
Must be non-zero if objects with unprivileged credentials are to be
able to see each other.
.El
.Va security.bsd.see_other_uids
is set to zero.
.Pp
As usual, the superuser (effective user ID 0) is exempt from this policy
provided that the
.Xr sysctl 8
variable
.Va security.bsd.suser_enabled
is non-zero and no active MAC policy explicitly denies the exemption
.Po
see
.Xr priv_check_cred 9
.Pc .
.Sh RETURN VALUES
This function returns zero if the object with credential
The
.Fn cr_canseeotheruids
function returns 0 if the policy is disabled, both credentials have the same
real user ID, or if
.Fa u1
can
.Dq see
the object with credential
.Fa u2 ,
or
.Er ESRCH
otherwise.
has privilege exempting it from the policy.
Otherwise, it returns
.Er ESRCH .
.Sh SEE ALSO
.Xr cr_canseeothergids 9 ,
.Xr p_candebug 9
.Xr cr_bsd_visible 9 ,
.Xr priv_check_cred 9