xref: /freebsd/share/man/man9/cr_bsd_visible.9 (revision 63f537551380d2dab29fa402ad1269feae17e594)
1.\"
2.\" SPDX-License-Identifier: BSD-2-Clause
3.\"
4.\" Copyright (c) 2023 Olivier Certner <olce.freebsd@certner.fr>
5.\"
6.\" Redistribution and use in source and binary forms, with or without
7.\" modification, are permitted provided that the following conditions
8.\" are met:
9.\" 1. Redistributions of source code must retain the above copyright
10.\"    notice, this list of conditions and the following disclaimer.
11.\" 2. Redistributions in binary form must reproduce the above copyright
12.\"    notice, this list of conditions and the following disclaimer in the
13.\"    documentation and/or other materials provided with the distribution.
14.\"
15.\" THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS'' AND ANY EXPRESS OR
16.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
17.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
18.\" IN NO EVENT SHALL THE DEVELOPERS BE LIABLE FOR ANY DIRECT, INDIRECT,
19.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
20.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
21.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
22.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
23.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
24.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
25.\"
26.Dd August 18, 2023
27.Dt CR_BSD_VISIBLE 9
28.Os
29.Sh NAME
30.Nm cr_bsd_visible
31.Nd determine if subjects may see entities according to BSD security policies
32.Sh SYNOPSIS
33.In sys/proc.h
34.Ft int
35.Fn cr_bsd_visible "struct ucred *u1" "struct ucred *u2"
36.Sh DESCRIPTION
37This function determines if a subject with credentials
38.Fa u1
39is denied seeing an object or subject associated to credentials
40.Fa u2
41by the following policies and associated
42.Xr sysctl 8
43knobs:
44.Bl -tag -width indent
45.It Va security.bsd.seeotheruids
46If set to 0, subjects cannot see other subjects or objects if they are not
47associated with the same real user ID.
48The corresponding internal function is
49.Xr cr_canseeotheruids 9 .
50.It Va security.bsd.seeothergids
51If set to 0, subjects cannot see other subjects or objects if they are not both
52a member of at least one common group.
53The corresponding internal function is
54.Xr cr_canseeothergids 9 .
55.It Va security.bsd.see_jail_proc
56If set to 0, subjects cannot see other subjects or objects that are not
57associated with the same jail as they are.
58The corresponding internal function is
59.Xr cr_canseejailproc 9 .
60.El
61.Pp
62As usual, the superuser (effective user ID 0) is exempt from any of these
63policies provided that the
64.Xr sysctl 8
65variable
66.Va security.bsd.suser_enabled
67is non-zero and no active MAC policy explicitly denies the exemption
68.Po
69see
70.Xr priv_check_cred 9
71.Pc .
72.Pp
73This function is intended to be used as a helper to implement
74.Xr cr_cansee 9
75and similar functions.
76.Sh RETURN VALUES
77This function returns zero if a subject with credentials
78.Fa u1
79may see a subject or object with credentials
80.Fa u2
81by the active above-mentioned policies, or
82.Er ESRCH
83otherwise.
84.Sh ERRORS
85.Bl -tag -width Er
86.It Bq Er ESRCH
87Credentials
88.Fa u1
89and
90.Fa u2
91do not have the same real user ID.
92.It Bq Er ESRCH
93Credentials
94.Fa u1
95and
96.Fa u2
97are not members of any common group
98.Po
99as determined by
100.Xr realgroupmember 9
101.Pc .
102.It Bq Er ESRCH
103Credentials
104.Fa u1
105and
106.Fa u2
107are not in the same jail.
108.El
109.Sh SEE ALSO
110.Xr cr_canseeotheruids 9 ,
111.Xr cr_canseeothergids 9 ,
112.Xr cr_canseejailproc 9 ,
113.Xr priv_check_cred 9 ,
114.Xr cr_cansee 9
115.Sh AUTHORS
116This function and its manual page were written by
117.An Olivier Certner Aq Mt olce.freebsd@certner.fr .
118