Source-Changes-HG archive

[src/trunk]: src/sys/dev Since NetBSD operates in securelevel -1 by default, ...



details:   https://anonhg.NetBSD.org/src/rev/51cee5c8b39a
branches:  trunk
changeset: 582098:51cee5c8b39a
user:      elad <elad%NetBSD.org@localhost>
date:      Thu Jun 16 15:45:48 2005 +0000

description:
Since NetBSD operates in securelevel -1 by default, don't rely on the
securelevel alone when checking if the veriexec tables can be modified;
also check if the strict level is above 0.

diffstat:

 sys/dev/verified_exec.c |  12 ++++++------
 1 files changed, 6 insertions(+), 6 deletions(-)

diffs (34 lines):

diff -r 692630003122 -r 51cee5c8b39a sys/dev/verified_exec.c
--- a/sys/dev/verified_exec.c   Thu Jun 16 15:41:36 2005 +0000
+++ b/sys/dev/verified_exec.c   Thu Jun 16 15:45:48 2005 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: verified_exec.c,v 1.13 2005/06/16 15:41:36 elad Exp $  */
+/*     $NetBSD: verified_exec.c,v 1.14 2005/06/16 15:45:48 elad Exp $  */
 
 /*-
  * Copyright 2005 Elad Efrat <elad%bsd.org.il@localhost>
@@ -31,9 +31,9 @@
 
 #include <sys/cdefs.h>
 #if defined(__NetBSD__)
-__KERNEL_RCSID(0, "$NetBSD: verified_exec.c,v 1.13 2005/06/16 15:41:36 elad Exp $");
+__KERNEL_RCSID(0, "$NetBSD: verified_exec.c,v 1.14 2005/06/16 15:45:48 elad Exp $");
 #else
-__RCSID("$Id: verified_exec.c,v 1.13 2005/06/16 15:41:36 elad Exp $\n$NetBSD: verified_exec.c,v 1.13 2005/06/16 15:41:36 elad Exp $");
+__RCSID("$Id: verified_exec.c,v 1.14 2005/06/16 15:45:48 elad Exp $\n$NetBSD: verified_exec.c,v 1.14 2005/06/16 15:45:48 elad Exp $");
 #endif
 
 #include <sys/param.h>
@@ -161,9 +161,9 @@
        /*
         * Don't allow updates in multi-user mode.
         */
-       if (securelevel >= 1) {
-               printf("Veriexec: veriexecioctl: Securelevel raised, loading"
-                      "fingerprints is not permitted\n");
+       if ((securelevel > 0) || (veriexec_strict > 0)) {
+               printf("Veriexec: veriexecioctl: Securelevel or strict "
+                      "mode, modifying veriexec tables is not permitted.\n"); 
 
                return (EPERM);
        }
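
Review bot: the comment above the check in the @@ -161 hunk still reads "Don't allow updates in multi-user mode", but the new condition "(securelevel > 0) || (veriexec_strict > 0)" also refuses updates when securelevel is at its default of -1 and only the strict level is raised. Update the comment to name both conditions so a later reader does not assume securelevel alone gates the veriexec tables. The printf also does not say which of the two conditions caused the EPERM; printing the current securelevel and veriexec_strict values would make a refused load easier to diagnose from the console. Minor: the second added printf line ends with trailing whitespace after ");".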


