1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
|
.\"
.\" Copyright (c) 2003 Joseph Koshy <jkoshy@FreeBSD.org>
.\" Copyright (c) 2023 Olivier Certner <olce.freebsd@certner.fr>
.\"
.\" All rights reserved.
.\"
.\" This program is free software.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\" notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\" notice, this list of conditions and the following disclaimer in the
.\" documentation and/or other materials provided with the distribution.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS'' AND ANY EXPRESS OR
.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
.\" IN NO EVENT SHALL THE DEVELOPERS BE LIABLE FOR ANY DIRECT, INDIRECT,
.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.Dd August 18, 2023
.Dt CR_CANSEEOTHERGIDS 9
.Os
.Sh NAME
.Nm cr_canseeothergids
.Nd determine if subjects may see entities in a disjoint group set
.Sh SYNOPSIS
.Ft int
.Fn cr_canseeothergids "struct ucred *u1" "struct ucred *u2"
.Sh DESCRIPTION
.Bf -emphasis
This function is internal.
Its functionality is integrated into the function
.Xr cr_bsd_visible 9 ,
which should be called instead.
.Ef
.Pp
This function checks if a subject associated to credentials
.Fa u1
is denied seeing a subject or object associated to credentials
.Fa u2
by a policy that requires both credentials to have at least one group in common.
For this determination, the real and supplementary group IDs are used, but
not the effective group IDs, as per
.Xr realgroupmember 9 .
.Pp
This policy is active if and only if the
.Xr sysctl 8
variable
.Va security.bsd.see_other_gids
is set to zero.
.Pp
As usual, the superuser (effective user ID 0) is exempt from this policy
provided that the
.Xr sysctl 8
variable
.Va security.bsd.suser_enabled
is non-zero and no active MAC policy explicitly denies the exemption
.Po
see
.Xr priv_check_cred 9
.Pc .
.Sh RETURN VALUES
The
.Fn cr_canseeothergids
function returns 0 if the policy is disabled, the credentials share at least one
common group, or if
.Fa u1
has privilege exempting it from the policy.
Otherwise, it returns
.Er ESRCH .
.Sh SEE ALSO
.Xr cr_bsd_visible 9 ,
.Xr realgroupmember 9 ,
.Xr priv_check_cred 9
|
