tail head cat sleep
QR code linking to this page
Main index Section 9
Go to:
Options

Manual Pages  — CR_SEEOTHERGIDS

NAME

cr_seeothergids – determine visibility of objects given their group memberships

CONTENTS

SYNOPSIS


int
cr_seeothergids(struct ucred *u1, struct ucred *u2);

DESCRIPTION

This function determines the visibility of objects in the kernel based on the group IDs in the credentials u1 and u2 associated with them.

The visibility of objects is influenced by the sysctl(8) variable security.bsd.see_other_gids. If this variable is non-zero then all objects in the kernel are visible to each other irrespective of their group membership. If this variable is zero then the object with credentials u2 is visible to the object with credentials u1 if either u1 is the super-user credential, or if at least one of u1, Ns, 's group IDs is present in u2, Ns, 's group set.

SYSCTL VARIABLES

security.bsd.see_other_gids
  Must be non-zero if objects with unprivileged credentials are to be able to see each other.

RETURN VALUES

This function returns zero if the object with credential u1 can "see" the object with credential u2, or ESRCH otherwise.

SEE ALSO

cr_seeotheruids(9), p_candebug(9)
CR_SEEOTHERGIDS (9) November 11, 2003
tail head cat sleep
QR code linking to this page
Main index Section 9
Go to:
Options

Please direct any comments about this manual page service to Ben Bullock. Privacy policy.

Not only is UNIX dead, it's starting to smell really bad.
— Rob Pike