| #
adf8d7aa |
| 25-Oct-2006 |
elad <elad@NetBSD.org> |
Introduce KAUTH_REQ_NETWORK_SOCKET_OPEN, to check if opening a socket is
allowed. It takes three int * arguments indicating domain, type, and
protocol. Replace previous KAUTH_REQ_NETWORK_SOCKET_RAWSO
Introduce KAUTH_REQ_NETWORK_SOCKET_OPEN, to check if opening a socket is
allowed. It takes three int * arguments indicating domain, type, and
protocol. Replace previous KAUTH_REQ_NETWORK_SOCKET_RAWSOCK with it (but
keep it still).
Places that used to explicitly check for privileged context now don't
need it anymore, so I replaced these with XXX comment indiacting it for
future reference.
Documented and updated examples as well.
show more ...
|
| #
305fe091 |
| 20-Oct-2006 |
elad <elad@NetBSD.org> |
Introduce a new action on the network scope, KAUTH_NETWORK_INTERFACE,
used to manage network interfaces.
Add four sub-actions to fulfill generic needs for now, until a more
carefully defined usage o
Introduce a new action on the network scope, KAUTH_NETWORK_INTERFACE,
used to manage network interfaces.
Add four sub-actions to fulfill generic needs for now, until a more
carefully defined usage of the interface is documented: get, set,
getpriv, and setpriv.
show more ...
|
| #
8c494ca7 |
| 13-Oct-2006 |
elad <elad@NetBSD.org> |
Introduce KAUTH_REQ_NETWORK_SOCKET_CANSEE. Since we're not gonna be having
credentials on sockets, at least not anytime soon, this is a way to check
if we can "look" at a socket. Later on when (and i
Introduce KAUTH_REQ_NETWORK_SOCKET_CANSEE. Since we're not gonna be having
credentials on sockets, at least not anytime soon, this is a way to check
if we can "look" at a socket. Later on when (and if) we do have socket
credentials, the interface usage remains the same because we pass the
socket.
This also fixes sysctl for inet/inet6 pcblist.
show more ...
|