Copyright (c) 2003 Joseph Koshy <jkoshy@FreeBSD.org> All rights reserved. This program is free software. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the fol...
NAMEcr_seeothergids - determine visibility of objects given their group memberships
SYNOPSISFt int Fn cr_seeothergids struct ucred *u1 struct ucred *u2
DESCRIPTIONThis function determines the visibility of objects in the kernel based on the group IDs in the credentials Fa u1 and Fa u2 associated with them.
The visibility of objects is influenced by the sysctl(8) variable security.bsd.see_other_gids If this variable is non-zero then all objects in the kernel are visible to each other irrespective of their group membership. If this variable is zero then the object with credentials Fa u2 is visible to the object with credentials Fa u1 if either Fa u1 is the super-user credential, or if at least one of Fa u1 Ns 's group IDs is present in Fa u2 Ns 's group set.
- Must be non-zero if objects with unprivileged credentials are to be able to see each other.