17  * information: Portions Copyright [yyyy] [name of copyright owner]
905  *		uid of owner of vnode
928 secpolicy_vnode_access(const cred_t *cr, vnode_t *vp, uid_t owner, mode_t mode)
939 		if (owner == 0 && cr->cr_uid != 0)
968 secpolicy_vnode_access2(const cred_t *cr, vnode_t *vp, uid_t owner,
1002 		if (owner == 0 && cr->cr_uid != 0)
1033 secpolicy_vnode_any_access(const cred_t *cr, vnode_t *vp, uid_t owner)
1046 	if (owner == cr->cr_uid)
1065 			/* We know here that if owner == 0, that cr_uid != 0 */
1066 			allzone = owner == 0;
1084 secpolicy_vnode_setid_modify(const cred_t *cr, uid_t owner)
1089 	if (owner != 0) {
1090 		if (owner == cr->cr_uid)
1132  * Normal:	Determine if subject can chown owner of a file.
1138 secpolicy_vnode_chown(const cred_t *cred, uid_t owner)
1140 	boolean_t is_owner = (owner == crgetuid(cred));
1145 		allzone = (owner == 0);
1199 secpolicy_vnode_setdac(const cred_t *cred, uid_t owner)
1201 	if (owner == cred->cr_uid)
1204 	return (PRIV_POLICY(cred, PRIV_FILE_OWNER, owner == 0, EPERM, NULL));
1233 secpolicy_vnode_owner(const cred_t *cr, uid_t owner)
1235 	boolean_t allzone = (owner == 0);
1237 	if (owner == cr->cr_uid)
1296 secpolicy_xvattr(xvattr_t *xvap, uid_t owner, cred_t *cr, vtype_t vtype)
1314 		if ((error = secpolicy_vnode_owner(cr, owner)) != 0)
1373  *			- permission to change file mode if not owner
1414 		 * If not the owner of the file then check privilege
1417 		 * to add the set-uid bit, if we're not the owner.
1436 		 * If you are the file owner:
1444 		 * If you are not the file owner:
1474 		 * If not the file owner and not otherwise privileged,
1564 secpolicy_rsm_access(const cred_t *cr, uid_t owner, mode_t mode)
1575 		if (cr->cr_uid != 0 && owner == 0)

Indexes created Tue Jul 24 14:28:13 CEST 2018