aboutsummaryrefslogtreecommitdiff
path: root/sys/kern/kern_sysctl.c
diff options
context:
space:
mode:
Diffstat (limited to 'sys/kern/kern_sysctl.c')
-rw-r--r--sys/kern/kern_sysctl.c12
1 files changed, 10 insertions, 2 deletions
diff --git a/sys/kern/kern_sysctl.c b/sys/kern/kern_sysctl.c
index bb5b6a0f3ad6..b83502c2f419 100644
--- a/sys/kern/kern_sysctl.c
+++ b/sys/kern/kern_sysctl.c
@@ -1381,10 +1381,18 @@ sysctl_root(SYSCTL_HANDLER_ARGS)
/* Is this sysctl writable by only privileged users? */
if (req->newptr && !(oid->oid_kind & CTLFLAG_ANYBODY)) {
+ int priv;
+
if (oid->oid_kind & CTLFLAG_PRISON)
- error = priv_check(req->td, PRIV_SYSCTL_WRITEJAIL);
+ priv = PRIV_SYSCTL_WRITEJAIL;
+#ifdef VIMAGE
+ else if ((oid->oid_kind & CTLFLAG_VNET) &&
+ prison_owns_vnet(req->td->td_ucred))
+ priv = PRIV_SYSCTL_WRITEJAIL;
+#endif
else
- error = priv_check(req->td, PRIV_SYSCTL_WRITE);
+ priv = PRIV_SYSCTL_WRITE;
+ error = priv_check(req->td, priv);
if (error)
return (error);
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-16 09:23:20 +0000