diff options
| author | Robert Watson <rwatson@FreeBSD.org> | 2002-11-03 02:39:42 +0000 |
|---|---|---|
| committer | Robert Watson <rwatson@FreeBSD.org> | 2002-11-03 02:39:42 +0000 |
| commit | 4b8d5f2d978412b376ae759882916c566f58afae (patch) | |
| tree | 13c3b22f9d0fec4fd6fd7b545bd326917f19839c /sys/kern/kern_mac.c | |
| parent | 62b693d7db46a2f0de2e00bcc733ee729ae37a20 (diff) | |
| download | src-4b8d5f2d978412b376ae759882916c566f58afae.tar.gz src-4b8d5f2d978412b376ae759882916c566f58afae.zip | |
Introduce mac_check_system_settime(), a MAC check allowing policies to
augment the system policy for changing the system time.
Obtained from: TrustedBSD Project
Sponsored by: DARPA, Network Associates Laboratories
Notes
Notes:
svn path=/head/; revision=106369
Diffstat (limited to 'sys/kern/kern_mac.c')
| -rw-r--r-- | sys/kern/kern_mac.c | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/sys/kern/kern_mac.c b/sys/kern/kern_mac.c index f4cfa8ab2fc1..ff5c43a71f17 100644 --- a/sys/kern/kern_mac.c +++ b/sys/kern/kern_mac.c @@ -2492,6 +2492,19 @@ mac_check_system_reboot(struct ucred *cred, int howto) } int +mac_check_system_settime(struct ucred *cred) +{ + int error; + + if (!mac_enforce_system) + return (0); + + MAC_CHECK(check_system_settime, cred); + + return (error); +} + +int mac_check_system_swapon(struct ucred *cred, struct vnode *vp) { int error; |