Module Name: src
Committed By: elad
Date: Tue Dec 29 04:25:30 UTC 2009
Modified Files:
src/sys/secmodel/suser: secmodel_suser.c
Log Message:
Use the socket credentials, now that we have them, instead of uidinfo.
To generate a diff of this commit:
cvs rdiff -u -r1.33 -r1.34 src/sys/secmodel/suser/secmodel_suser.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/secmodel/suser/secmodel_suser.c
diff -u src/sys/secmodel/suser/secmodel_suser.c:1.33 src/sys/secmodel/suser/secmodel_suser.c:1.34
--- src/sys/secmodel/suser/secmodel_suser.c:1.33 Thu Dec 24 19:02:07 2009
+++ src/sys/secmodel/suser/secmodel_suser.c Tue Dec 29 04:25:30 2009
@@ -1,4 +1,4 @@
-/* $NetBSD: secmodel_suser.c,v 1.33 2009/12/24 19:02:07 elad Exp $ */
+/* $NetBSD: secmodel_suser.c,v 1.34 2009/12/29 04:25:30 elad Exp $ */
/*-
* Copyright (c) 2006 Elad Efrat <e...@netbsd.org>
* All rights reserved.
@@ -38,7 +38,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: secmodel_suser.c,v 1.33 2009/12/24 19:02:07 elad Exp $");
+__KERNEL_RCSID(0, "$NetBSD: secmodel_suser.c,v 1.34 2009/12/29 04:25:30 elad Exp $");
#include <sys/types.h>
#include <sys/param.h>
@@ -50,7 +50,6 @@
#include <sys/sysctl.h>
#include <sys/vnode.h>
#include <sys/proc.h>
-#include <sys/uidinfo.h>
#include <sys/module.h>
#include <secmodel/suser/suser.h>
@@ -752,11 +751,10 @@
if (secmodel_suser_curtain) {
struct socket *so;
- uid_t so_uid;
so = (struct socket *)arg1;
- so_uid = so->so_uidinfo->ui_uid;
- if (kauth_cred_geteuid(cred) != so_uid)
+
+ if (!proc_uidmatch(cred, so->so_cred))
result = KAUTH_RESULT_DENY;
}
