SIMPLE SOLUTIONS

CR_CANSEE(9FREEBSD) - man page online | system kernel interfaces

Determine visibility of objects given their user credentials.

Chapter
November 19, 2006
CR_CANSEE(9)                      BSD Kernel Developer's Manual                      CR_CANSEE(9)

NAME cr_cansee — determine visibility of objects given their user credentials
SYNOPSIS #include <sys/param.h> #include <sys/systm.h> #include <sys/ucred.h> int cr_cansee(struct ucred *u1, struct ucred *u2);
DESCRIPTION This function determines the visibility of objects in the kernel based on the real user IDs and group IDs in the credentials u1 and u2 associated with them. The visibility of objects is influenced by the sysctl(8) variables security.bsd.see_other_gids and security.bsd.see_other_uids, as per the description in cr_seeothergids(9) and cr_seeotheruids(9) respectively.
RETURN VALUES This function returns zero if the object with credential u1 can “see” the object with cre‐ dential u2, or ESRCH otherwise.
ERRORS [ESRCH] The object with credential u1 cannot “see” the object with credential u2. [ESRCH] The object with credential u1 has been jailed and the object with creden‐ tial u2 does not belong to the same jail as u1. [ESRCH] The MAC subsystem denied visibility.
SEE ALSO cr_seeothergids(9), cr_seeotheruids(9), mac(9), p_cansee(9)
BSD November 19, 2006 BSD
This manual Reference Other manuals
cr_cansee(9freebsd) referred by p_cansee(9freebsd)
refer to cr_seeothergids(9freebsd) | cr_seeotheruids(9freebsd) | mac(9freebsd) | p_cansee(9freebsd) | sysctl(8)