HomeFreeBSD

New cr_bsd_visible(): Whether BSD policies deny seeing subjects/objects

Description

New cr_bsd_visible(): Whether BSD policies deny seeing subjects/objects

This is a new helper function that leverages existing code: It calls
successively cr_canseeotheruids(), cr_canseeothergids() and
cr_canseejailproc() (as long as the previous didn't deny access). Will
be used in a subsequent commit.

Reviewed by: mhorne
MFC after: 2 weeks
Sponsored by: Kumacom SAS
Differential Revision: https://reviews.freebsd.org/D40627

Details

Provenance
olceAuthored on Aug 17 2023, 11:54 PM
mhorneCommitted on Sep 28 2023, 2:57 PM
Reviewer
mhorne
Differential Revision
D40627: New cr_bsd_visible(): Whether BSD policies deny seeing subjects/objects
Parents
rG7974ca1cdbee: cr_canseejailproc(): New privilege, no direct check for UID 0
Branches
Unknown
Tags
Unknown