cr_cansee(9): cr_bsd_visible() impacts, simplifications

Remove references to cr_canseeothergids(9) and cr_canseeotheruids(9). Defer to cr_bsd_visible() for controlling sysctl(8) variables. Reviewed by: bcr, mhorne MFC after: 2 weeks Sponsored by: Kumacom SAS Differential Revision: https://reviews.freebsd.org/D40636
2024-07-22 02:37:15 +00:00 · 2023-08-18 01:54:42 +02:00 · 2023-08-18 01:54:42 +02:00 · 82f9bc9ea8
parent 4ddd253b38
commit 82f9bc9ea8
1 changed files with 27 additions and 34 deletions
--- a/share/man/man9/cr_cansee.9
+++ b/share/man/man9/cr_cansee.9
@ -1,5 +1,6 @@
 .\"
 .\" Copyright (c) 2006 Ceri Davies <ceri@FreeBSD.org>
+.\" Copyright (c) 2023 Olivier Certner <olce.freebsd@certner.fr>
 .\"
 .\" All rights reserved.
 .\"
@ -23,43 +24,39 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd November 19, 2006
+.Dd August 18, 2023
 .Dt CR_CANSEE 9
 .Os
 .Sh NAME
 .Nm cr_cansee
 .Nd "determine visibility of objects given their user credentials"
 .Sh SYNOPSIS
-.In sys/param.h
-.In sys/systm.h
-.In sys/ucred.h
+.In sys/proc.h
 .Ft int
 .Fn cr_cansee "struct ucred *u1" "struct ucred *u2"
 .Sh DESCRIPTION
-This function determines the visibility of objects in the
-kernel based on the real user IDs and group IDs in the credentials
+This function determines if a subject with credential
 .Fa u1
-and
-.Fa u2
-associated with them.
+can see a subject or object associated to credential
+.Fa u2 .
 .Pp
-The visibility of objects is influenced by the
+Specific types of subjects may need to submit to additional or different
+restrictions.
+As an example, for processes, see
+.Xr p_cansee 9 ,
+which calls this function.
+.Pp
+The implementation relies on
+.Xr cr_bsd_visible 9
+and consequently the
 .Xr sysctl 8
-variables
-.Va security.bsd.see_other_gids
-and
-.Va security.bsd.see_other_uids ,
-as per the description in
-.Xr cr_canseeothergids 9
-and
-.Xr cr_canseeotheruids 9
-respectively.
+variables referenced in its manual page influence the result.
 .Sh RETURN VALUES
-This function returns zero if the object with credential
+This function returns zero if the subject with credential
 .Fa u1
 can
 .Dq see
-the object with credential
+the subject or object with credential
 .Fa u2 ,
 or
 .Er ESRCH
@ -67,24 +64,20 @@ otherwise.
 .Sh ERRORS
 .Bl -tag -width Er
 .It Bq Er ESRCH
-The object with credential
+The subject with credential
 .Fa u1
-cannot
-.Dq see
-the object with credential
-.Fa u2 .
-.It Bq Er ESRCH
-The object with credential
-.Fa u1
-has been jailed and the object with credential
+has been jailed and the subject or object with credential
 .Fa u2
-does not belong to the same jail as
-.Fa u1 .
+does not belong to the same jail or one of its sub-jails, as determined by
+.Xr prison_check 9 .
 .It Bq Er ESRCH
 The MAC subsystem denied visibility.
+.It Bq Er ESRCH
+.Xr cr_bsd_visible 9
+denied visibility according to the BSD security policies in force.
 .El
 .Sh SEE ALSO
-.Xr cr_canseeothergids 9 ,
-.Xr cr_canseeotheruids 9 ,
+.Xr prison_check 9 ,
 .Xr mac 9 ,
+.Xr cr_bsd_visible 9 ,
 .Xr p_cansee 9