1.\" 2.\" Copyright (c) 2006 Ceri Davies <ceri@FreeBSD.org> 3.\" 4.\" All rights reserved. 5.\" 6.\" Redistribution and use in source and binary forms, with or without 7.\" modification, are permitted provided that the following conditions 8.\" are met: 9.\" 1. Redistributions of source code must retain the above copyright 10.\" notice, this list of conditions and the following disclaimer. 11.\" 2. Redistributions in binary form must reproduce the above copyright 12.\" notice, this list of conditions and the following disclaimer in the 13.\" documentation and/or other materials provided with the distribution. 14.\" 15.\" THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS'' AND ANY EXPRESS OR 16.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 17.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 18.\" IN NO EVENT SHALL THE DEVELOPERS BE LIABLE FOR ANY DIRECT, INDIRECT, 19.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 20.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 21.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 22.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 23.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 24.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 25.\" 26.Dd November 19, 2006 27.Dt CR_CANSEE 9 28.Os 29.Sh NAME 30.Nm cr_cansee 31.Nd "determine visibility of objects given their user credentials" 32.Sh SYNOPSIS 33.In sys/param.h 34.In sys/systm.h 35.In sys/ucred.h 36.Ft int 37.Fn cr_cansee "struct ucred *u1" "struct ucred *u2" 38.Sh DESCRIPTION 39This function determines the visibility of objects in the 40kernel based on the real user IDs and group IDs in the credentials 41.Fa u1 42and 43.Fa u2 44associated with them. 45.Pp 46The visibility of objects is influenced by the 47.Xr sysctl 8 48variables 49.Va security.bsd.see_other_gids 50and 51.Va security.bsd.see_other_uids , 52as per the description in 53.Xr cr_seeothergids 9 54and 55.Xr cr_seeotheruids 9 56respectively. 57.Sh RETURN VALUES 58This function returns zero if the object with credential 59.Fa u1 60can 61.Dq see 62the object with credential 63.Fa u2 , 64or 65.Er ESRCH 66otherwise. 67.Sh ERRORS 68.Bl -tag -width Er 69.It Bq Er ESRCH 70The object with credential 71.Fa u1 72cannot 73.Dq see 74the object with credential 75.Fa u2 . 76.It Bq Er ESRCH 77The object with credential 78.Fa u1 79has been jailed and the object with credential 80.Fa u2 81does not belong to the same jail as 82.Fa u1 . 83.It Bq Er ESRCH 84The MAC subsystem denied visibility. 85.El 86.Sh SEE ALSO 87.Xr cr_seeothergids 9 , 88.Xr cr_seeotheruids 9 , 89.Xr mac 9 , 90.Xr p_cansee 9 91