Removal of some KAUTH_GENERIC_ISSUSER (pass 1)

To: tech-kern%netbsd.org@localhost
Subject: Removal of some KAUTH_GENERIC_ISSUSER (pass 1)
From: Elad Efrat <elad%NetBSD.org@localhost>
Date: Sat, 11 Apr 2009 04:46:34 +0300

Hi,

Attached is a diff removing some KAUTH_GENERIC_ISSUSER uses in favor of
more meaningful alternatives, some newly added.

Newly added actions/requests:
  - KAUTH_MACHDEP_CMOS, for checking if the CMOS can be read
    from/written to.
        
  - KAUTH_MACHDEP_CACHEFLUSH_ALL, for checking if the whole CPU cache
    can be flushed (used in compat code only).
        
  - KAUTH_REQ_SYSTEM_SYSCTL_MODIFY, for checking if a sysctl(9) value
    that doesn't have a custom function handler can be modified.

  - KAUTH_REQ_NETWORK_SOCKET_DROP, for checking if a connection can be
    dropped.

  - KAUTH_REQ_NETWORK_SOCKET_SETPRIV, for checking if privileged
    socket options can be set.

Also note the changes in the ibcs2 compat code. I followed
http://docsrv.sco.com:507/en/man/html.S/uadmin.S.html and hopefully the
semantics are the same.

Thanks,

-e.

Attachment: pass1.diff
Description: Binary data

Follow-Ups:
- Re: Removal of some KAUTH_GENERIC_ISSUSER (pass 1)
  - From: Andrew Doran
- Re: Removal of some KAUTH_GENERIC_ISSUSER (pass 1)
  - From: Izumi Tsutsui

Prev by Date: fix for 37878 and 37550
Next by Date: Re: fix for 37878 and 37550
Previous by Thread: fix for 37878 and 37550
Next by Thread: Re: Removal of some KAUTH_GENERIC_ISSUSER (pass 1)
Indexes:

Home | Main Index | Thread Index | Old Index