From faa1a67e0c4d68cb19766b03dc7612c9bea6ec6f Mon Sep 17 00:00:00 2001
From: Michael Neumann <mneumann@ntecs.de>
Date: Wed, 17 Jun 2009 22:23:11 +0200
Subject: [PATCH] priv: Narrow down privileges

---
 sys/kern/kern_linker.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/sys/kern/kern_linker.c b/sys/kern/kern_linker.c
index b778ee8c22..638b78eb91 100644
--- a/sys/kern/kern_linker.c
+++ b/sys/kern/kern_linker.c
@@ -702,7 +702,7 @@ sys_kldload(struct kldload_args *uap)
     if (securelevel > 0 || kernel_mem_readonly)	/* redundant, but that's OK */
 	return EPERM;
 
-    if ((error = priv_check(td, PRIV_ROOT)) != 0)
+    if ((error = priv_check(td, PRIV_KLD_LOAD)) != 0)
 	return error;
 
     filename = kmalloc(MAXPATHLEN, M_TEMP, M_WAITOK);
@@ -742,7 +742,7 @@ sys_kldunload(struct kldunload_args *uap)
     if (securelevel > 0 || kernel_mem_readonly)	/* redundant, but that's OK */
 	return EPERM;
 
-    if ((error = priv_check(td, PRIV_ROOT)) != 0)
+    if ((error = priv_check(td, PRIV_KLD_UNLOAD)) != 0)
 	return error;
 
     lf = linker_find_file_by_id(uap->fileid);
-- 
2.11.4.GIT