Change Details

Use priv_check_cred() instead of explicitly testing for UID 0 (the former has been the rule for almost 20 years). As a side effect, cr_canseejailproc() now abides by the 'security.bsd.suser_enabled' sysctl and MAC policies.

Use priv_check_cred() with a new privilege (PRIV_SEEJAILPROC) instead of explicitly testing for UID 0 (the former has been the rule for almost 20 years). As a consequence, cr_canseejailproc() now abides by the 'security.bsd.suser_enabled' sysctl and MAC policies. Update the MAC policies Biba and LOMAC, and prison_priv_check() so that they don't deny this privilege. This preserves the existing behavior (the 'root' user is not restricted, even when jailed, unless 'security.bsd.suser_enabled' is not 0) and is consistent with what is done for the related policies/privileges (PRIV_SEEOTHERGIDS, PRIV_SEEOTHERUIDS).

Use priv_check_cred() instead of explicitly testing for UID 0 (the former haswith a new privilege (PRIV_SEEJAILPROC) instead of been the ruleexplicitly testing for almost 20 years). As a side effect, cr_canseejailproc() nowUID 0 (the former has been the rule for almost 20 abides by the years). As a consequence, cr_canseejailproc() now abides by the 'security.bsd.suser_enabled' sysctl and MAC policies. Update the MAC policies Biba and LOMAC, and prison_priv_check() so that they don't deny this privilege. This preserves the existing behavior (the 'root' user is not restricted, even when jailed, unless 'security.bsd.suser_enabled' sysctl and MACis not 0) and is consistent with what is done for the related policiesies/privileges (PRIV_SEEOTHERGIDS, PRIV_SEEOTHERUIDS).