Mercurial Mercurial > upstream > oracle > vpanels / changeset
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
7141317 Remove authorization checks in zones bridge module
authorStephen Talley <stephen.talley@oracle.com>
Tue, 07 Feb 2012 11:28:29 -0500
changeset 799 80f1baa244ae
parent 798 a7deccd6492f
child 800 c7589c9a52a7
7141317 Remove authorization checks in zones bridge module
usr/src/cmd/rad/mod/zonesbridge/mod_zonesbridge.c file | annotate | diff | comparison | revisions 
--- a/usr/src/cmd/rad/mod/zonesbridge/mod_zonesbridge.c	Thu Feb 02 11:25:01 2012 -0500
+++ b/usr/src/cmd/rad/mod/zonesbridge/mod_zonesbridge.c	Tue Feb 07 11:28:29 2012 -0500
@@ -20,11 +20,10 @@
  */
 
 /*
- * Copyright (c) 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2011, 2012, Oracle and/or its affiliates. All rights reserved.
  */
 
 #include <assert.h>
-#include <auth_attr.h>
 #include <errno.h>
 #include <fcntl.h>
 #include <libzonecfg.h>
@@ -39,13 +38,6 @@
 #include "token.h"
 
 /*
- * Macros
- */
-
-/* From usr/src/head/auth_list.h */
-#define	ZONE_MANAGE_AUTH "solaris.zone.manage"
-
-/*
  * Function prototypes
  */
 
@@ -321,6 +313,10 @@
 			argv = cmd;
 		}
 
+		/*
+		 * When 7143194 is resolved, we'll need to explicitly check for
+		 * auth errors and return ce_priv.
+		 */
 		(void) execv(argv[0], (char *const *)argv);
 		_exit(1);
 	}
@@ -462,14 +458,6 @@
 		    error));
 	}
 
-	/* Ensure auth */
-	char authname[MAXAUTHS];
-	(void) snprintf(authname, MAXAUTHS, "%s%s%s", ZONE_MANAGE_AUTH,
-	    KV_OBJECT, zone);
-	if (!chkauthattr(authname, cuserid(NULL))) {
-		return (ce_priv);
-	}
-
 	/*
 	 * Ensure valid state
 	 *
upstream/oracle/vpanels