aboutsummaryrefslogtreecommitdiff
path: root/sys/netatm
diff options
context:
space:
mode:
authorRobert Watson <rwatson@FreeBSD.org>2006-11-06 13:42:10 +0000
committerRobert Watson <rwatson@FreeBSD.org>2006-11-06 13:42:10 +0000
commitacd3428b7d3e94cef0e1881c868cb4b131d4ff41 (patch)
treeb9dd284620eeaddbff089cef10e4b1afb7918279 /sys/netatm
parent800c94083290dc4b38138b28cfc03ee77de4ff79 (diff)
downloadsrc-acd3428b7d3e94cef0e1881c868cb4b131d4ff41.tar.gz
src-acd3428b7d3e94cef0e1881c868cb4b131d4ff41.zip
Sweep kernel replacing suser(9) calls with priv(9) calls, assigning
specific privilege names to a broad range of privileges. These may require some future tweaking. Sponsored by: nCircle Network Security, Inc. Obtained from: TrustedBSD Project Discussed on: arch@ Reviewed (at least in part) by: mlaier, jmg, pjd, bde, ceri, Alex Lyashkov <umka at sevcity dot net>, Skip Ford <skip dot ford at verizon dot net>, Antoine Brodin <antoine dot brodin at laposte dot net>
Notes
Notes: svn path=/head/; revision=164033
Diffstat (limited to 'sys/netatm')
-rw-r--r--sys/netatm/atm_usrreq.c29
1 files changed, 21 insertions, 8 deletions
diff --git a/sys/netatm/atm_usrreq.c b/sys/netatm/atm_usrreq.c
index ad14e84a366f..6f40a4651227 100644
--- a/sys/netatm/atm_usrreq.c
+++ b/sys/netatm/atm_usrreq.c
@@ -36,6 +36,7 @@ __FBSDID("$FreeBSD$");
#include <sys/param.h>
#include <sys/systm.h>
#include <sys/sockio.h>
+#include <sys/priv.h>
#include <sys/protosw.h>
#include <sys/socket.h>
#include <net/if.h>
@@ -181,8 +182,11 @@ atm_dgram_control(so, cmd, data, ifp, td)
struct atmcfgreq *acp = (struct atmcfgreq *)data;
struct atm_pif *pip;
- if (td && (suser(td) != 0))
- ATM_RETERR(EPERM);
+ if (td != NULL) {
+ err = priv_check(td, PRIV_NETATM_CFG);
+ if (err)
+ ATM_RETERR(err);
+ }
switch (acp->acr_opcode) {
@@ -214,8 +218,11 @@ atm_dgram_control(so, cmd, data, ifp, td)
struct atmaddreq *aap = (struct atmaddreq *)data;
Atm_endpoint *epp;
- if (td && (suser(td) != 0))
- ATM_RETERR(EPERM);
+ if (td != NULL) {
+ err = priv_check(td, PRIV_NETATM_ADD);
+ if (err)
+ ATM_RETERR(err);
+ }
switch (aap->aar_opcode) {
@@ -264,8 +271,11 @@ atm_dgram_control(so, cmd, data, ifp, td)
struct sigmgr *smp;
Atm_endpoint *epp;
- if (td && (suser(td) != 0))
- ATM_RETERR(EPERM);
+ if (td != NULL) {
+ err = priv_check(td, PRIV_NETATM_DEL);
+ if (err)
+ ATM_RETERR(err);
+ }
switch (adp->adr_opcode) {
@@ -317,8 +327,11 @@ atm_dgram_control(so, cmd, data, ifp, td)
struct sigmgr *smp;
struct ifnet *ifp2;
- if (td && (suser(td) != 0))
- ATM_RETERR(EPERM);
+ if (td != NULL) {
+ err = priv_check(td, PRIV_NETATM_SET);
+ if (err)
+ ATM_RETERR(err);
+ }
switch (asp->asr_opcode) {
generated by cgit v1.2.3 (git 2.25.1) at 2024-10-26 09:38:53 +0000