PERFORCE change 110795 for review

Fri Dec 1 04:59:03 PST 2006

http://perforce.freebsd.org/chv.cgi?CH=110795

Change 110795 by rwatson at rwatson_zoo on 2006/12/01 12:58:27

	Revert branch-local changes in kern_priv.c.

Affected files ...

.. //depot/projects/trustedbsd/priv/sys/kern/kern_priv.c#5 integrate

Differences ...

==== //depot/projects/trustedbsd/priv/sys/kern/kern_priv.c#5 (text+ko) ====

@@ -26,7 +26,7 @@
  * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
  * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  *
- * $FreeBSD$
+ * $FreeBSD: src/sys/kern/kern_priv.c,v 1.1 2006/11/06 13:37:17 rwatson Exp $
  */
 
 #include "opt_mac.h"
@@ -43,15 +43,13 @@
 
 /*
  * `suser_enabled' (which can be set by the security.bsd.suser_enabled
- * sysctl) determines whether the system 'super-user' policy is in effect.
- * If it is nonzero, an effective uid of 0 connotes special privilege,
+ * sysctl) determines whether the system 'super-user' policy is in effect.  If
+ * it is nonzero, an effective uid of 0 connotes special privilege,
  * overriding many mandatory and discretionary protections.  If it is zero,
  * uid 0 is offered no special privilege in the kernel security policy.
- * Setting it to zero may seriously impact the functionality of many
- * existing userland programs, and should not be done without careful
- * consideration of the consequences. 
- *
- * XXXRW: Update this comment as needed.
+ * Setting it to zero may seriously impact the functionality of many existing
+ * userland programs, and should not be done without careful consideration of
+ * the consequences. 
  */
 int	suser_enabled = 1;
 SYSCTL_INT(_security_bsd, OID_AUTO, suser_enabled, CTLFLAG_RW,
@@ -86,9 +84,11 @@
 	 * once the SUSER_ALLOWJAIL flag has gone away.
 	 */
 	error = prison_priv_check(cred, priv);
+#ifdef NOTYET
 	KASSERT(!jailed(cred) || error == ((flags & SUSER_ALLOWJAIL) ? 0 :
 	    EPERM), ("priv_check_cred: prison_priv_check %d but flags %s",
 	    error, flags & SUSER_ALLOWJAIL ? "allowjail" : "!allowjail"));
+#endif
 	if (error)
 		return (error);
 
@@ -100,7 +100,7 @@
 	 *
 	 * Superuser policy grants privilege based on the effective (or in
 	 * certain edge cases, real) uid being 0.  We allow the policy to be
-	 * globally disabled, although this is currently of limited uility.
+	 * globally disabled, although this is currently of limited utility.
 	 */
 	if (suser_enabled) {
 		if (flags & SUSER_RUID) {
@@ -134,8 +134,8 @@
 
 /*
  * Historical suser() wrapper functions, which now simply request PRIV_ROOT.
- * These will be removed in the near future, and exist solely because the
- * list of global privileges is not yet complete.
+ * These will be removed in the near future, and exist solely because
+ * the kernel and modules are not yet fully adapted to the new model.
  */
 int
 suser_cred(struct ucred *cred, int flags)
