CVSROOT: /cvs
Module name: src
Changes by: [email protected] 2015/12/03 06:08:44
Modified files:
usr.sbin/vmd : control.c proc.h
usr.sbin/vmmctl: main.c
Log message:
Use PEERCRED to obtain the user id of the vmmctl user. This is used to
restrict write operations (start/stop/terminate/load) to root for now,
but allow others to obtain the status. A more sophisticated model will
follow later, but this change prevents non-root users, even if in the wheel
group, to start vms and thus to open any files read-writable as disks.
