Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src/sys/secmodel/suser Make this file a little bit smaller by co...
details: https://anonhg.NetBSD.org/src/rev/1868e4c2b201
branches: trunk
changeset: 747846:1868e4c2b201
user: elad <elad%NetBSD.org@localhost>
date: Sat Oct 03 02:06:11 2009 +0000
description:
Make this file a little bit smaller by collapsing cases.
diffstat:
sys/secmodel/suser/secmodel_suser.c | 108 ++++++-----------------------------
1 files changed, 20 insertions(+), 88 deletions(-)
diffs (192 lines):
diff -r 578c2e573e9b -r 1868e4c2b201 sys/secmodel/suser/secmodel_suser.c
--- a/sys/secmodel/suser/secmodel_suser.c Sat Oct 03 02:01:12 2009 +0000
+++ b/sys/secmodel/suser/secmodel_suser.c Sat Oct 03 02:06:11 2009 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: secmodel_suser.c,v 1.22 2009/10/03 02:01:12 elad Exp $ */
+/* $NetBSD: secmodel_suser.c,v 1.23 2009/10/03 02:06:11 elad Exp $ */
/*-
* Copyright (c) 2006 Elad Efrat <elad%NetBSD.org@localhost>
* All rights reserved.
@@ -38,7 +38,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: secmodel_suser.c,v 1.22 2009/10/03 02:01:12 elad Exp $");
+__KERNEL_RCSID(0, "$NetBSD: secmodel_suser.c,v 1.23 2009/10/03 02:06:11 elad Exp $");
#include <sys/types.h>
#include <sys/param.h>
@@ -444,6 +444,8 @@
case KAUTH_SYSTEM_CHROOT:
case KAUTH_SYSTEM_FILEHANDLE:
case KAUTH_SYSTEM_MKNOD:
+ case KAUTH_SYSTEM_SETIDCORE:
+ case KAUTH_SYSTEM_MODULE:
if (isroot)
result = KAUTH_RESULT_ALLOW;
break;
@@ -459,18 +461,6 @@
break;
- case KAUTH_SYSTEM_SETIDCORE:
- if (isroot)
- result = KAUTH_RESULT_ALLOW;
-
- break;
-
- case KAUTH_SYSTEM_MODULE:
- if (isroot)
- result = KAUTH_RESULT_ALLOW;
-
- break;
-
default:
break;
}
@@ -499,6 +489,15 @@
switch (action) {
case KAUTH_PROCESS_SIGNAL:
+ case KAUTH_PROCESS_KTRACE:
+ case KAUTH_PROCESS_PROCFS:
+ case KAUTH_PROCESS_PTRACE:
+ case KAUTH_PROCESS_SCHEDULER_GETPARAM:
+ case KAUTH_PROCESS_SCHEDULER_SETPARAM:
+ case KAUTH_PROCESS_SCHEDULER_SETAFFINITY:
+ case KAUTH_PROCESS_SETID:
+ case KAUTH_PROCESS_KEVENT_FILTER:
+ case KAUTH_PROCESS_NICE:
if (isroot)
result = KAUTH_RESULT_ALLOW;
@@ -538,24 +537,6 @@
break;
}
- case KAUTH_PROCESS_KTRACE:
- if (isroot)
- result = KAUTH_RESULT_ALLOW;
-
- break;
-
- case KAUTH_PROCESS_PROCFS:
- if (isroot)
- result = KAUTH_RESULT_ALLOW;
-
- break;
-
- case KAUTH_PROCESS_PTRACE:
- if (isroot)
- result = KAUTH_RESULT_ALLOW;
-
- break;
-
case KAUTH_PROCESS_CORENAME:
if (isroot || proc_uidmatch(cred, p->p_cred) == 0)
result = KAUTH_RESULT_ALLOW;
@@ -578,18 +559,6 @@
break;
}
- case KAUTH_PROCESS_KEVENT_FILTER:
- if (isroot)
- result = KAUTH_RESULT_ALLOW;
-
- break;
-
- case KAUTH_PROCESS_NICE:
- if (isroot)
- result = KAUTH_RESULT_ALLOW;
-
- break;
-
case KAUTH_PROCESS_RLIMIT: {
enum kauth_process_req req;
@@ -610,19 +579,6 @@
break;
}
- case KAUTH_PROCESS_SCHEDULER_GETPARAM:
- case KAUTH_PROCESS_SCHEDULER_SETPARAM:
- case KAUTH_PROCESS_SCHEDULER_SETAFFINITY:
- if (isroot)
- result = KAUTH_RESULT_ALLOW;
-
- break;
-
- case KAUTH_PROCESS_SETID:
- if (isroot)
- result = KAUTH_RESULT_ALLOW;
- break;
-
case KAUTH_PROCESS_STOPFLAG:
if (isroot || proc_uidmatch(cred, p->p_cred) == 0) {
result = KAUTH_RESULT_ALLOW;
@@ -698,6 +654,7 @@
break;
case KAUTH_NETWORK_FORWSRCRT:
+ case KAUTH_NETWORK_ROUTE:
if (isroot)
result = KAUTH_RESULT_ALLOW;
@@ -782,12 +739,6 @@
}
break;
- case KAUTH_NETWORK_ROUTE:
- if (isroot)
- result = KAUTH_RESULT_ALLOW;
-
- break;
-
case KAUTH_NETWORK_SOCKET:
switch (req) {
case KAUTH_REQ_NETWORK_SOCKET_DROP:
@@ -893,6 +844,12 @@
case KAUTH_DEVICE_BLUETOOTH_SETPRIV:
case KAUTH_DEVICE_BLUETOOTH_SEND:
case KAUTH_DEVICE_BLUETOOTH_RECV:
+ case KAUTH_DEVICE_TTY_OPEN:
+ case KAUTH_DEVICE_TTY_PRIVSET:
+ case KAUTH_DEVICE_TTY_STI:
+ case KAUTH_DEVICE_RND_ADDDATA:
+ case KAUTH_DEVICE_RND_GETPRIV:
+ case KAUTH_DEVICE_RND_SETPRIV:
if (isroot)
result = KAUTH_RESULT_ALLOW;
break;
@@ -927,31 +884,6 @@
result = KAUTH_RESULT_ALLOW;
break;
- case KAUTH_DEVICE_TTY_OPEN:
- if (isroot)
- result = KAUTH_RESULT_ALLOW;
-
- break;
-
- case KAUTH_DEVICE_TTY_PRIVSET:
- if (isroot)
- result = KAUTH_RESULT_ALLOW;
-
- break;
-
- case KAUTH_DEVICE_TTY_STI:
- if (isroot)
- result = KAUTH_RESULT_ALLOW;
-
- break;
-
- case KAUTH_DEVICE_RND_ADDDATA:
- case KAUTH_DEVICE_RND_GETPRIV:
- case KAUTH_DEVICE_RND_SETPRIV:
- if (isroot)
- result = KAUTH_RESULT_ALLOW;
- break;
-
case KAUTH_DEVICE_GPIO_PINSET:
/*
* root can access gpio pins, secmodel_securlevel can veto
Home |
Main Index |
Thread Index |
Old Index