One day the PRISON_ROOT flag, which when passed to priv_check_cred()
allows the privilege in a jail, will be gone, and all privileges allowed
in a jail will be maintained centrally in the prison_priv_check() function
instead of being spread over all the calls.
cache_drop(&pr->pr_root);
kfree(pr, M_PRISON);
}
+
+/*
+ * Check if permisson for a specific privilege is granted within jail.
+ */
+int
+prison_priv_check(struct ucred *cred, int priv)
+{
+ if (!jailed(cred))
+ return (0);
+
+ return (EPERM);
+}
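Review bot: `priv` is never read in prison_priv_check(), so a jailed credential is refused every privilege; that default-deny is a safe starting point, but the header comment does not state it. I would spell out the contract, e.g. `Returns 0 if cred is not jailed or the privilege is allowed inside a jail, EPERM otherwise; privileges not listed are denied.`, and fix the typo "permisson". When the allow-list is added, a `switch (priv)` whose `default:` returns EPERM keeps privileges introduced later denied in jails until they are reviewed. The function is also exported through the header and calls jailed(cred) with no NULL check, while priv_check_cred() accepts a NULL cred under NULL_CRED_OKAY; that case is presumably handled before the call, but those lines are not visible here, so the comment should say that cred must be non-NULL.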
int
priv_check_cred(struct ucred *cred, int priv, int flags)
{
+ int error;
+
KASSERT(PRIV_VALID(priv), ("priv_check_cred: invalid privilege"));
KASSERT(cred != NULL || flags & NULL_CRED_OKAY,
}
if (cred->cr_uid != 0)
return (EPERM);
- if (cred->cr_prison && !(flags & PRISON_ROOT))
- return (EPERM);
+
+ if (jailed(cred) && !(flags & PRISON_ROOT))
+ {
+ error = prison_priv_check(cred, priv);
+ if (error)
+ return (error);
+ }
+
/* NOTE: accounting for suser access (p_acflag/ASU) removed */
return (0);
}
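Review bot: The `!(flags & PRISON_ROOT)` test on the new block means callers that pass PRISON_ROOT still skip prison_priv_check() entirely, so the central function is not yet the single authority for what root may do inside a jail. A comment on the block would make that explicit for anyone auditing jail privileges, e.g. `/* PRISON_ROOT callers bypass prison_priv_check() until they are converted */`. As a style point, the opening brace on its own line after the `if` departs from the usual BSD kernel brace placement; `if (jailed(cred) && !(flags & PRISON_ROOT)) {` would match. The part of priv_check_cred() between the KASSERTs and the uid check is outside the visible lines.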
prison_get_local(struct prison *pr, sa_family_t, struct sockaddr *);
struct sockaddr *
prison_get_nonlocal(struct prison *pr, sa_family_t, struct sockaddr *);
+int prison_priv_check(struct ucred *cred, int priv);
/*
* Return 1 if the passed credential is in a jail, otherwise 0.