diff options
Diffstat (limited to 'static/freebsd/man9/cr_bsd_visible.9 3.html')
| -rw-r--r-- | static/freebsd/man9/cr_bsd_visible.9 3.html | 97 |
1 files changed, 0 insertions, 97 deletions
diff --git a/static/freebsd/man9/cr_bsd_visible.9 3.html b/static/freebsd/man9/cr_bsd_visible.9 3.html deleted file mode 100644 index e9fda69c..00000000 --- a/static/freebsd/man9/cr_bsd_visible.9 3.html +++ /dev/null @@ -1,97 +0,0 @@ -<table class="head"> - <tr> - <td class="head-ltitle">CR_BSD_VISIBLE(9)</td> - <td class="head-vol">Kernel Developer's Manual</td> - <td class="head-rtitle">CR_BSD_VISIBLE(9)</td> - </tr> -</table> -<div class="manual-text"> -<section class="Sh"> -<h1 class="Sh" id="NAME"><a class="permalink" href="#NAME">NAME</a></h1> -<p class="Pp"><code class="Nm">cr_bsd_visible</code> — - <span class="Nd">determine if subjects may see entities according to BSD - security policies</span></p> -</section> -<section class="Sh"> -<h1 class="Sh" id="SYNOPSIS"><a class="permalink" href="#SYNOPSIS">SYNOPSIS</a></h1> -<p class="Pp"><code class="In">#include - <<a class="In">sys/proc.h</a>></code></p> -<p class="Pp"><var class="Ft">int</var> - <br/> - <code class="Fn">cr_bsd_visible</code>(<var class="Fa" style="white-space: nowrap;">struct - ucred *u1</var>, <var class="Fa" style="white-space: nowrap;">struct ucred - *u2</var>);</p> -</section> -<section class="Sh"> -<h1 class="Sh" id="DESCRIPTION"><a class="permalink" href="#DESCRIPTION">DESCRIPTION</a></h1> -<p class="Pp">This function determines if a subject with credentials - <var class="Fa">u1</var> is denied seeing an object or subject associated to - credentials <var class="Fa">u2</var> by the following policies and - associated <a class="Xr">sysctl(8)</a> knobs:</p> -<dl class="Bl-tag"> - <dt id="security.bsd.seeotheruids"><var class="Va">security.bsd.seeotheruids</var></dt> - <dd>If set to 0, subjects cannot see other subjects or objects if they are not - associated with the same real user ID. The corresponding internal function - is <a class="Xr">cr_canseeotheruids(9)</a>.</dd> - <dt id="security.bsd.seeothergids"><var class="Va">security.bsd.seeothergids</var></dt> - <dd>If set to 0, subjects cannot see other subjects or objects if they are not - both a member of at least one common group. The corresponding internal - function is <a class="Xr">cr_canseeothergids(9)</a>.</dd> - <dt id="security.bsd.see_jail_proc"><var class="Va">security.bsd.see_jail_proc</var></dt> - <dd>If set to 0, subjects cannot see other subjects or objects that are not - associated with the same jail as they are. The corresponding internal - function is <a class="Xr">cr_canseejailproc(9)</a>.</dd> -</dl> -<p class="Pp">As usual, the superuser (effective user ID 0) is exempt from any - of these policies provided that the <a class="Xr">sysctl(8)</a> variable - <var class="Va">security.bsd.suser_enabled</var> is non-zero and no active - MAC policy explicitly denies the exemption (see - <a class="Xr">priv_check_cred(9)</a>).</p> -<p class="Pp">This function is intended to be used as a helper to implement - <a class="Xr">cr_cansee(9)</a> and similar functions.</p> -</section> -<section class="Sh"> -<h1 class="Sh" id="RETURN_VALUES"><a class="permalink" href="#RETURN_VALUES">RETURN - VALUES</a></h1> -<p class="Pp">This function returns zero if a subject with credentials - <var class="Fa">u1</var> may see a subject or object with credentials - <var class="Fa">u2</var> by the active above-mentioned policies, or - <code class="Er">ESRCH</code> otherwise.</p> -</section> -<section class="Sh"> -<h1 class="Sh" id="ERRORS"><a class="permalink" href="#ERRORS">ERRORS</a></h1> -<dl class="Bl-tag"> - <dt id="ESRCH">[<a class="permalink" href="#ESRCH"><code class="Er">ESRCH</code></a>]</dt> - <dd>Credentials <var class="Fa">u1</var> and <var class="Fa">u2</var> do not - have the same real user ID.</dd> - <dt id="ESRCH~2">[<a class="permalink" href="#ESRCH~2"><code class="Er">ESRCH</code></a>]</dt> - <dd>Credentials <var class="Fa">u1</var> and <var class="Fa">u2</var> are not - members of any common group (as determined by - <a class="Xr">realgroupmember(9)</a>).</dd> - <dt id="ESRCH~3">[<a class="permalink" href="#ESRCH~3"><code class="Er">ESRCH</code></a>]</dt> - <dd>Credentials <var class="Fa">u1</var> and <var class="Fa">u2</var> are not - in the same jail.</dd> -</dl> -</section> -<section class="Sh"> -<h1 class="Sh" id="SEE_ALSO"><a class="permalink" href="#SEE_ALSO">SEE - ALSO</a></h1> -<p class="Pp"><a class="Xr">cr_cansee(9)</a>, - <a class="Xr">cr_canseejailproc(9)</a>, - <a class="Xr">cr_canseeothergids(9)</a>, - <a class="Xr">cr_canseeotheruids(9)</a>, - <a class="Xr">priv_check_cred(9)</a></p> -</section> -<section class="Sh"> -<h1 class="Sh" id="AUTHORS"><a class="permalink" href="#AUTHORS">AUTHORS</a></h1> -<p class="Pp">This function and its manual page were written by - <span class="An">Olivier Certner</span> - <<a class="Mt" href="mailto:olce.freebsd@certner.fr">olce.freebsd@certner.fr</a>>.</p> -</section> -</div> -<table class="foot"> - <tr> - <td class="foot-date">August 18, 2023</td> - <td class="foot-os">FreeBSD 15.0</td> - </tr> -</table> |