Project

General

Profile

Actions

Bug #1191

closed

suser to priv conversion patch

Added by mneumann about 15 years ago. Updated about 15 years ago.

Status:
Closed
Priority:
Low
Assignee:
-
Category:
-
Target version:
-
Start date:
Due date:
% Done:

0%

Estimated time:

Description

Hi,

I've attached a patch that replaces suser(9) with priv(9). Priv(9) is a
new API used by FreeBSD, and what it adds is fine-grained control over
which privelges are requested (and granted in turn).

So instead of

suser(td)

you write:

priv_check(td, PRIV_ROOT);

This will request ROOT privileges (which is equivalent to the suser()
call above). Of course PRIV_ROOT is not recommended and only serves
until all privileges are replaced by more fine grained privileges.

In sys/priv.h all existing privileges are defined.

The new API is as follows:

int priv_check(struct thread *td, int priv);
int priv_check_cred(struct ucred *cred, int priv, int flag);

Old suser calls still work, but should be avoided and replaced by the
corresponding priv_* call.

The patch does not (yet) modify the way privileges are granted, i.e.
the implementation is identical to the corresponding suser_*() function.

If no one objects, I'd like to commit this soon to then concentrate on
introducing fine-grained privileges. If possible, I'd like to (later)
get rid of the flags argument of priv_check_cred() (or suser_cred()),
which can be either NULL_CRED_OKAY or PRISON_ROOT, but I've not yet
thought about it throrrowly enough.

Regards,

Michael

Files

suser_to_priv.patch (155 KB) suser_to_priv.patch mneumann, 12/29/2008 06:29 PM
Actions #1

Updated by mneumann about 15 years ago

Am 29.12.2008 19:16, schrieb Michael Neumann:
> Hi,
>
> I've attached a patch that replaces suser(9) with priv(9). Priv(9) is a
> new API used by FreeBSD, and what it adds is fine-grained control over
> which privelges are requested (and granted in turn).

Just commited :)

Regards,

Michael
Actions

Also available in: Atom PDF