mirror/freebsd
1
0
Fork 0
mirror of https://git.FreeBSD.org/src.git synced 2025-01-28 16:43:09 +00:00
Code Issues Releases Activity

o Modify open() and close() for /dev/random to use securelevel_gt() instead

Browse Source 
of direct securelevel variable checks.

Obtained from:	TrustedBSD Project
This commit is contained in:
Robert Watson 2001-09-26 20:15:42 +00:00
parent 8002488bd9
commit 19f1565901
Notes: svn2git 2020-12-20 02:59:44 +00:00 
svn path=/head/; revision=83976
1 changed files with 16 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
sys/dev/random/randomdev.c
View File

@ -141,17 +141,27 @@ SYSCTL_PROC(_kern_random_sys_harvest, OID_AUTO, interrupt,
static int
random_open(dev_t dev, int flags, int fmt, struct thread *td)
{
if ((flags & FWRITE) && (securelevel > 0 || suser(td->td_proc)))
return EPERM;
else
return 0;
int error;
if (flags & FWRITE) {
error = suser(td->td_proc);
if (error)
return (error);
error = securelevel_gt(td->td_proc->p_ucred, 0);
if (error)
return (error);
}
return 0;
}
static int
random_close(dev_t dev, int flags, int fmt, struct thread *td)
{
if ((flags & FWRITE) && !(securelevel > 0 || suser(td->td_proc)))
random_reseed();
if (flags & FWRITE) {
if (!(suser(td->td_proc) ||
securelevel_gt(td->td_proc->p_ucred, 0)))
random_reseed();
}
return 0;
}