NAME
cr_seeothergids - determine visibility of objects given their group
memberships
SYNOPSIS
int
cr_seeothergids(struct ucred *u1, struct ucred *u2);
DESCRIPTION
This function determines the visibility of objects in the kernel based on
the group IDs in the credentials u1 and u2 associated with them.
The visibility of objects is influenced by the sysctl(8) variable
security.bsd.see_other_gids. If this variable is non-zero then all
objects in the kernel are visible to each other irrespective of their
group membership. If this variable is zero then the object with
credentials u2 is visible to the object with credentials u1 if either u1
is the super-user credential, or if at least one of u1’s group IDs is
present in u2’s group set.
SYSCTL VARIABLES
security.bsd.see_other_gids
Must be non-zero if objects with unprivileged credentials are to
be able to see each other.
RETURN VALUES
This function returns zero if the object with credential u1 can “see” the
object with credential u2, or ESRCH otherwise.
SEE ALSO
cr_seeotheruids(9), p_candebug(9)