SECMODEL_SUSER(9) Kernel Developer's Manual SECMODEL_SUSER(9)

secmodel_susersuper-user security model

secmodel_suser implements the traditional super-user (root) as the user with effective user-id 0. The super-user is the host administrator, considered to have higher privileges than other users.

secmodel_suser exposes a secmodel_eval(9) evaluation routine to test whether a set of credentials can be assimilated to super-user credentials or not.

The parameters to secmodel_eval(9) are:

id
the unique identifier of secmodel_suser: "org.netbsd.secmodel.suser"
what
a string, "is-root".
arg
the kauth(9) credentials (kauth_cred_t) of the caller.
ret
a boolean, set by secmodel_suser to true when the credentials are equivalent to super-user, false otherwise.

If successful, the evaluation returns 0 with the ret argument being either true or false.

kauth(9), secmodel(9), secmodel_bsd44(9), secmodel_eval(9)

Elad Efrat <elad@NetBSD.org>

December 4, 2011 NetBSD 11.0