cr_seeothergids(9)
NAME
- cr_seeothergids - determine visibility of objects given
- their group memberships
SYNOPSIS
int
cr_seeothergids(struct ucred *u1, struct ucred *u2);
DESCRIPTION
- This function determines the visibility of objects in the
- kernel based on
the group IDs in the credentials u1 and u2 associated with
- them.
- The visibility of objects is influenced by the sysctl(8)
- variable
security.bsd.see_other_gids. If this variable is non-zero
- then all
objects in the kernel are visible to each other irrespective
- of their
group membership. If this variable is zero then the object
- with credentials u2 is visible to the object with credentials u1 if ei
- ther u1 is the
super-user credential, or if at least one of u1's group IDs
- is present in
u2's group set.
SYSCTL VARIABLES
- security.bsd.see_other_gids
- Must be non-zero if objects with unprivileged cre
- dentials are to
be able to see each other.
RETURN VALUES
- This function returns zero if the object with credential u1
- can ``see''
the object with credential u2, or ESRCH otherwise.
SEE ALSO
- cr_seeotheruids(9), p_candebug(9)
- BSD November 11, 2003