tech-kern archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
on getting rid of KAUTH_GENERIC_ISSUSER
So, it seems to me that the first step in that direction should be
to rename that constant to KAUTH_GENERIC_ISPRIVILEGED or ..._ISAUTHORIZED.
There's a serious confusion here. The check is not whether the credentials
presented are those of the super user. The check is whether the credentials
can be authorized to perform some unspecific privileged operation.
The check that the credentials are the super-user's is only made in
secmodel_bsd44_suser.c.
Any objections to that?
--chris
Home |
Main Index |
Thread Index |
Old Index