From 14272f2dff5e9e4b82c810bd3e7276eb16228d01 Mon Sep 17 00:00:00 2001
From: Michael Neumann
Date: Mon, 13 Jul 2009 00:35:39 +0200
Subject: [PATCH] priv: Define and use PRIV_PROC_TRESPASS
---
 sys/kern/kern_jail.c | 2 ++
 sys/kern/kern_prot.c | 2 +-
 sys/sys/priv.h | 1 +
 3 files changed, 4 insertions(+), 1 deletion(-)
diff --git a/sys/kern/kern_jail.c b/sys/kern/kern_jail.c
index cb19b62665..1ef6c7feeb 100644
--- a/sys/kern/kern_jail.c
+++ b/sys/kern/kern_jail.c
@@ -702,6 +702,8 @@ prison_priv_check(struct ucred *cred, int priv) case PRIV_SETHOSTNAME: + case PRIV_PROC_TRESPASS: + return (0); case PRIV_UFS_QUOTAON:
diff --git a/sys/kern/kern_prot.c b/sys/kern/kern_prot.c
index 1ddff297b8..d7a3f3685a 100644
--- a/sys/kern/kern_prot.c
+++ b/sys/kern/kern_prot.c
@@ -913,7 +913,7 @@ p_trespass(struct ucred *cr1, struct ucred *cr2)
 return (0);
 if (cr1->cr_uid == cr2->cr_uid)
 return (0);
- if (priv_check_cred(cr1, PRIV_ROOT, PRISON_ROOT) == 0)
+ if (priv_check_cred(cr1, PRIV_PROC_TRESPASS, 0) == 0)
 return (0);
 return (EPERM);
 }
diff --git a/sys/sys/priv.h b/sys/sys/priv.h
index 430e19f0b6..40cc1ea44a 100644
--- a/sys/sys/priv.h
+++ b/sys/sys/priv.h
@@ -162,6 +162,7 @@
 #define PRIV_PROC_LIMIT 160 /* Exceed user process limit. */
 #define PRIV_PROC_SETLOGIN 161 /* Can call setlogin. */
 #define PRIV_PROC_SETRLIMIT 162 /* Can raise resources limits. */
+#define PRIV_PROC_TRESPASS 163 /* Can p_trespass. */
 /* System V IPC privileges. */
-- 
2.11.4.GIT
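Review bot: Adding `PRIV_PROC_TRESPASS` to the `return (0)` group in prison_priv_check() appears to grant this privilege to root inside a jail, and nothing visible in either hunk shows that the target process is confined to the caller's own jail. The kern_prot.c hunk now passes flags `0` instead of `PRISON_ROOT`, so the jailed-root allowance in p_trespass() presumably rests entirely on this whitelist entry. The start of p_trespass() lies outside that hunk, so a prison check may already run before the uid comparisons; that should be confirmed. I would record the dependency next to the new label, e.g. `/* jailed root may cross uids; p_trespass() must already have rejected targets outside the caller's prison */`, and add a matching pointer to prison_priv_check() above the `priv_check_cred()` call in p_trespass(). The switch in prison_priv_check() starts and continues outside this hunk.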
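Review bot: The comment on the new `PRIV_PROC_TRESPASS` define in priv.h, `/* Can p_trespass. */`, names the function instead of the capability, unlike the neighbouring entries, which describe what the holder may do. In the kern_prot.c hunk this privilege is what lets p_trespass() return 0 after the uid comparison fails, so something like `/* Bypass the uid match in p_trespass(). */` would tell an auditor what granting it means.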