Print this page
uts: add a concept of a 'default' set of privileges, separate from 'basic'
*** 198,207 ****
--- 198,210 ----
libc_free(tmparr);
break;
case PRIV_INFO_BASICPRIVS:
tmp->pd_basicset = (priv_set_t *)&st->set[0];
break;
+ case PRIV_INFO_DEFAULTPRIVS:
+ tmp->pd_defaultset = (priv_set_t *)&st->set[0];
+ break;
default:
/* unknown, ignore */
break;
}
x += na->info.priv_info_size;
*** 494,503 ****
--- 497,507 ----
if (nset == NULL)
return (-1);
/* Always add the basic set */
+ /* XXX: Always add the _default_ set? */
if (d->pd_basicset != NULL)
priv_union(d->pd_basicset, nset);
/*
* This is not a significant failure: it allows us to start programs
*** 646,655 ****
--- 650,660 ----
goto end;
priv_copyset(nset, bracketpriv);
/* Always add the basic set */
+ /* XXX: Always add the default set? */
priv_union(priv_basic(), nset);
/* But don't add what we don't have */
priv_intersect(tmpset, nset);
*** 873,882 ****
--- 878,893 ----
{
priv_copyset(priv_basic(), set);
}
void
+ priv_defaultset(priv_set_t *set)
+ {
+ priv_copyset(priv_default(), set);
+ }
+
+ void
__priv_fillset(priv_data_t *d, priv_set_t *set)
{
(void) memset(set, ~0, d->pd_setsize);
}