diff --git a/share/man/man9/Makefile b/share/man/man9/Makefile --- a/share/man/man9/Makefile +++ b/share/man/man9/Makefile @@ -69,6 +69,7 @@ counter.9 \ cpuset.9 \ cr_cansee.9 \ + cr_canseejailproc.9 \ cr_canseeothergids.9 \ cr_canseeotheruids.9 \ critical_enter.9 \ diff --git a/share/man/man9/cr_canseejailproc.9 b/share/man/man9/cr_canseejailproc.9 new file mode 100644 --- /dev/null +++ b/share/man/man9/cr_canseejailproc.9 @@ -0,0 +1,81 @@ +.\" +.\" SPDX-License-Identifier: BSD-2-Clause +.\" +.\" Copyright (c) 2023 Olivier Certner +.\" +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. +.\" +.\" THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS'' AND ANY EXPRESS OR +.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES +.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. +.\" IN NO EVENT SHALL THE DEVELOPERS BE LIABLE FOR ANY DIRECT, INDIRECT, +.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT +.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF +.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +.\" +.Dd August 18, 2023 +.Dt CR_CANSEEJAILPROC 9 +.Os +.Sh NAME +.Nm cr_canseejailproc +.Nd determine if subjects may see entities in sub-jails +.Sh SYNOPSIS +.Ft int +.Fn cr_canseejailproc "struct ucred *u1" "struct ucred *u2" +.Sh DESCRIPTION +.Bf -emphasis +This function is internal. +Its functionality is integrated into the function +.Xr cr_bsd_visible 9 , +which should be called instead. +.Ef +.Pp +This function checks if a subject associated to credentials +.Fa u1 +is denied seeing a subject or object associated to credentials +.Fa u2 +by a policy that requires both credentials to be associated to the same jail. +This is a restriction to the baseline jail policy that a subject can see +subjects or objects in its own jail or any sub-jail of it. +.Pp +This policy is active if and only if the +.Xr sysctl 8 +variable +.Va security.bsd.see_jail_proc +is set to zero. +.Pp +As usual, the superuser (effective user ID 0) is exempt from this policy +provided that the +.Xr sysctl 8 +variable +.Va security.bsd.suser_enabled +is non-zero and no active MAC policy explicitly denies the exemption +.Po +see +.Xr priv_check_cred 9 +.Pc . +.Sh RETURN VALUES +The +.Fn cr_canseejailproc +function returns 0 if the policy is disabled, both credentials are associated to +the same jail, or if +.Fa u1 +has privilege exempting it from the policy. +Otherwise, it returns +.Er ESRCH . +.Sh SEE ALSO +.Xr cr_bsd_visible 9 , +.Xr priv_check_cred 9 +.Sh AUTHORS +This manual page was written by +.An Olivier Certner Aq Mt olce.freebsd@certner.fr .