on getting rid of KAUTH_GENERIC_ISSUSER

To: tech-kern%netbsd.org@localhost
Subject: on getting rid of KAUTH_GENERIC_ISSUSER
From: Christoph Badura <bad%bsd.de@localhost>
Date: Tue, 28 Jul 2009 21:18:28 +0200

So, it seems to me that the first step in that direction should be
to rename that constant to KAUTH_GENERIC_ISPRIVILEGED or ..._ISAUTHORIZED.

There's a serious confusion here.  The check is not whether the credentials
presented are those of the super user.  The check is whether the credentials
can be authorized to perform some unspecific privileged operation.

The check that the credentials are the super-user's is only made in
secmodel_bsd44_suser.c.

Any objections to that?
--chris

Follow-Ups:
- Re: on getting rid of KAUTH_GENERIC_ISSUSER
  - From: Elad Efrat

Prev by Date: Re: Quota definitions
Next by Date: Re: on getting rid of KAUTH_GENERIC_ISSUSER
Previous by Thread: Fixing settime1() to reject invalid struct timespec ?
Next by Thread: Re: on getting rid of KAUTH_GENERIC_ISSUSER
Indexes:

Home | Main Index | Thread Index | Old Index