PERFORCE change 16438 for review
Brian Feldman
green at freebsd.org
Thu Aug 22 20:50:49 GMT 2002
http://people.freebsd.org/~peter/p4db/chv.cgi?CH=16438
Change 16438 by green at green_laptop_2 on 2002/08/22 13:50:16
For Lomac, don't disallow opening for read under any extra
circumstances.
Affected files ...
.. //depot/projects/trustedbsd/mac/sys/security/mac_lomac/mac_lomac.c#2 edit
Differences ...
==== //depot/projects/trustedbsd/mac/sys/security/mac_lomac/mac_lomac.c#2 (text+ko) ====
@@ -1916,11 +1916,6 @@
subj = SLOT(&cred->cr_label);
obj = SLOT(vnodelabel);
- /* XXX privilege override for admin? */
- if (acc_mode & (VREAD | VEXEC | VSTAT)) {
- if (!mac_biba_dominate_single(obj, subj))
- return (EACCES);
- }
if (acc_mode & (VWRITE | VAPPEND | VADMIN)) {
if (!mac_biba_dominate_single(subj, obj))
return (EACCES);
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-cvs" in the body of the message
More information about the trustedbsd-cvs
mailing list