mac_vfs.c (172953) | mac_vfs.c (172957) |
---|---|
1/*- 2 * Copyright (c) 1999-2002 Robert N. M. Watson 3 * Copyright (c) 2001 Ilmar S. Habibulin 4 * Copyright (c) 2001-2005 McAfee, Inc. 5 * Copyright (c) 2005-2006 SPARTA, Inc. 6 * All rights reserved. 7 * 8 * This software was developed by Robert Watson and Ilmar Habibulin for the --- 25 unchanged lines hidden (view full) --- 34 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 35 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 36 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 37 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 38 * SUCH DAMAGE. 39 */ 40 41#include <sys/cdefs.h> | 1/*- 2 * Copyright (c) 1999-2002 Robert N. M. Watson 3 * Copyright (c) 2001 Ilmar S. Habibulin 4 * Copyright (c) 2001-2005 McAfee, Inc. 5 * Copyright (c) 2005-2006 SPARTA, Inc. 6 * All rights reserved. 7 * 8 * This software was developed by Robert Watson and Ilmar Habibulin for the --- 25 unchanged lines hidden (view full) --- 34 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 35 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 36 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 37 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 38 * SUCH DAMAGE. 39 */ 40 41#include <sys/cdefs.h> |
42__FBSDID("$FreeBSD: head/sys/security/mac/mac_vfs.c 172953 2007-10-25 07:49:47Z rwatson $"); | 42__FBSDID("$FreeBSD: head/sys/security/mac/mac_vfs.c 172957 2007-10-25 12:34:14Z rwatson $"); |
43 44#include "opt_mac.h" 45 46#include <sys/param.h> 47#include <sys/condvar.h> 48#include <sys/extattr.h> 49#include <sys/imgact.h> 50#include <sys/kernel.h> --- 820 unchanged lines hidden (view full) --- 871 return (error); 872 873 error = VOP_SETLABEL(vp, intlabel, cred, curthread); 874 if (error) 875 return (error); 876 877 return (0); 878} | 43 44#include "opt_mac.h" 45 46#include <sys/param.h> 47#include <sys/condvar.h> 48#include <sys/extattr.h> 49#include <sys/imgact.h> 50#include <sys/kernel.h> --- 820 unchanged lines hidden (view full) --- 871 return (error); 872 873 error = VOP_SETLABEL(vp, intlabel, cred, curthread); 874 if (error) 875 return (error); 876 877 return (0); 878} |
879 880/* 881 * When a thread becomes an NFS server daemon, its credential may need to be 882 * updated to reflect this so that policies can recognize when file system 883 * operations originate from the network. 884 * 885 * At some point, it would be desirable if the credential used for each NFS 886 * RPC could be set based on the RPC context (i.e., source system, etc) to 887 * provide more fine-grained access control. 888 */ 889void 890mac_associate_nfsd_label(struct ucred *cred) 891{ 892 893 MAC_PERFORM(associate_nfsd_label, cred); 894} | |