kauth_cred_t cred;
int error;
- if (!mac_proc_enforce ||
- !mac_proc_check_enforce(curp, MAC_PROC_ENFORCE))
+#if SECURITY_MAC_CHECK_ENFORCE
+ /* 21167099 - only check if we allow write */
+ if (!mac_proc_enforce)
+ return 0;
+#endif
+
+ if (!mac_proc_check_enforce(curp, MAC_PROC_ENFORCE))
return 0;
cred = kauth_cred_proc_ref(curp);
kauth_cred_t cred;
int error;
- if (!mac_proc_enforce ||
- !mac_proc_check_enforce(curp, MAC_PROC_ENFORCE))
- return 0;
+#if SECURITY_MAC_CHECK_ENFORCE
+ /* 21167099 - only check if we allow write */
+ if (!mac_proc_enforce)
+ return 0;
+#endif
+ if (!mac_proc_check_enforce(curp, MAC_PROC_ENFORCE))
+ return 0;
cred = kauth_cred_proc_ref(curp);
MAC_CHECK(proc_check_setauid, cred, auid);
kauth_cred_t cred;
int error;
- if (!mac_proc_enforce ||
- !mac_proc_check_enforce(curp, MAC_PROC_ENFORCE))
- return 0;
+#if SECURITY_MAC_CHECK_ENFORCE
+ /* 21167099 - only check if we allow write */
+ if (!mac_proc_enforce)
+ return 0;
+#endif
+ if (!mac_proc_check_enforce(curp, MAC_PROC_ENFORCE))
+ return 0;
cred = kauth_cred_proc_ref(curp);
MAC_CHECK(proc_check_getaudit, cred);
kauth_cred_t cred;
int error;
- if (!mac_proc_enforce ||
- !mac_proc_check_enforce(curp, MAC_PROC_ENFORCE))
- return 0;
+#if SECURITY_MAC_CHECK_ENFORCE
+ /* 21167099 - only check if we allow write */
+ if (!mac_proc_enforce)
+ return 0;
+#endif
+ if (!mac_proc_check_enforce(curp, MAC_PROC_ENFORCE))
+ return 0;
cred = kauth_cred_proc_ref(curp);
MAC_CHECK(proc_check_setaudit, cred, ai);
projects / apple / xnu.git / blobdiff