[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: uid 0 (was Re: CVS commit: src/sys/kern)
On Sun Mar 08 2009 at 00:12:45 +0000, Christos Zoulas wrote:
> In article <20090307195914.GO889%shaak.vert-toit.net@localhost>,
> Quentin Garnier <cube%cubidou.net@localhost> wrote:
> >On Sat, Mar 07, 2009 at 02:23:02PM -0500, Christos Zoulas wrote:
> >> Module Name: src
> >> Committed By: christos
> >> Date: Sat Mar 7 19:23:02 UTC 2009
> >> Modified Files:
> >> src/sys/kern: kern_exec.c
> >> Log Message:
> >> don't enforce maxproc resource limits for root.
> >Is it correct to use uid == 0 as a test outside of the secmodel?
> Probably not, but I just made the code look exactly like the fork()
Doesn't kauth(KAUTH_GENERIC_ISSUSER) do the right thing? Yes, I agree,
it wastes much non-ansified non-whitespace in the source tree, but things
like gaols would work better if we don't propagate code which we know
to be incorrect.
Main Index |
Thread Index |