tech-net archive


Re: Removing inpcbpolicy::priv

In article <>, Elad Efrat <> wrote:
>It looks like inpcbpolicy::priv is redundant.
>The PCB is always attached to a socket, and therefore we can use the uid
>stored in uidinfo for permissions check. In fact, the priv member is set
>by checking the uid from uidinfo.
>The other case the priv member is used is in ipsec_copy_pcbpolicy(),
>when copying a policy, called from syn_cache_get(). There, too, it seems
>it's redundant, as sonewconn() is called to create a new socket, which
>keeps the uidinfo.
>Therefore, I suggest the trivial diff attached -- please review.

But checking uid == 0 is not the kauth way...

