/share/man/man9/cr_seeothergids.9
https://bitbucket.org/freebsd/freebsd-head/ · Unknown · 82 lines · 82 code · 0 blank · 0 comment · 0 complexity · c4031a6cb086d8407678f7bdf83c5e3d MD5 · raw file
- .\"
- .\" Copyright (c) 2003 Joseph Koshy <jkoshy@FreeBSD.org>
- .\"
- .\" All rights reserved.
- .\"
- .\" This program is free software.
- .\"
- .\" Redistribution and use in source and binary forms, with or without
- .\" modification, are permitted provided that the following conditions
- .\" are met:
- .\" 1. Redistributions of source code must retain the above copyright
- .\" notice, this list of conditions and the following disclaimer.
- .\" 2. Redistributions in binary form must reproduce the above copyright
- .\" notice, this list of conditions and the following disclaimer in the
- .\" documentation and/or other materials provided with the distribution.
- .\"
- .\" THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS'' AND ANY EXPRESS OR
- .\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
- .\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
- .\" IN NO EVENT SHALL THE DEVELOPERS BE LIABLE FOR ANY DIRECT, INDIRECT,
- .\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
- .\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- .\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
- .\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
- .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- .\"
- .\" $FreeBSD$
- .\"
- .Dd November 11, 2003
- .Dt CR_SEEOTHERGIDS 9
- .Os
- .Sh NAME
- .Nm cr_seeothergids
- .Nd determine visibility of objects given their group memberships
- .Sh SYNOPSIS
- .Ft int
- .Fn cr_seeothergids "struct ucred *u1" "struct ucred *u2"
- .Sh DESCRIPTION
- This function determines the visibility of objects in the
- kernel based on the group IDs in the credentials
- .Fa u1
- and
- .Fa u2
- associated with them.
- .Pp
- The visibility of objects is influenced by the
- .Xr sysctl 8
- variable
- .Va security.bsd.see_other_gids .
- If this variable is non-zero then all objects in the kernel
- are visible to each other irrespective of their group membership.
- If this variable is zero then the object with credentials
- .Fa u2
- is visible to the object with credentials
- .Fa u1
- if either
- .Fa u1
- is the super-user credential, or if at least one of
- .Fa u1 Ns 's
- group IDs is present in
- .Fa u2 Ns 's
- group set.
- .Sh SYSCTL VARIABLES
- .Bl -tag -width indent
- .It Va security.bsd.see_other_gids
- Must be non-zero if objects with unprivileged credentials are to be
- able to see each other.
- .El
- .Sh RETURN VALUES
- This function returns zero if the object with credential
- .Fa u1
- can
- .Dq see
- the object with credential
- .Fa u2 ,
- or
- .Er ESRCH
- otherwise.
- .Sh SEE ALSO
- .Xr cr_seeotheruids 9 ,
- .Xr p_candebug 9