https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=109105
Oleksandr Tymoshenko <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |[email protected] Component|Documentation |Manual Pages Assignee|[email protected] |[email protected] [email protected] changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |[email protected] --- Comment #4 from [email protected] --- I was looking into ugidfw when I found this issue as well. firstmatch_enabled isn't being initialized properly. Index: sys/security/mac_bsdextended/mac_bsdextended.c =================================================================== --- sys/security/mac_bsdextended/mac_bsdextended.c (revision 355771) +++ sys/security/mac_bsdextended/mac_bsdextended.c (working copy) @@ -108,9 +108,9 @@ * between the new mode (first rule matches) and the old functionality (all * rules match). */ -static int ugidfw_firstmatch_enabled; +static int ugidfw_firstmatch_enabled = 1; SYSCTL_INT(_security_mac_bsdextended, OID_AUTO, firstmatch_enabled, - CTLFLAG_RW, &ugidfw_firstmatch_enabled, 1, + CTLFLAG_RW, &ugidfw_firstmatch_enabled, 0, "Disable/enable match first rule functionality"); static int At this point you've got to wonder if keeping the old behavior would be better though. -- You are receiving this mail because: You are the assignee for the bug. _______________________________________________ [email protected] mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-bugs To unsubscribe, send any mail to "[email protected]"
