Provided by: freebsd-manpages_12.2-2_all bug

NAME
       cr_cansee — determine visibility of objects given their user credentials


SYNOPSIS
       #include <sys/param.h>
       #include <sys/systm.h>
       #include <sys/ucred.h>

       int
       cr_cansee(struct ucred *u1, struct ucred *u2);


DESCRIPTION
       This function determines the visibility of objects in the kernel based on the real user IDs and group IDs
       in the credentials u1 and u2 associated with them.

       The  visibility  of  objects  is  influenced  by  the sysctl(8) variables security.bsd.see_other_gids and
       security.bsd.see_other_uids,  as  per  the  description  in  cr_seeothergids(9)  and   cr_seeotheruids(9)
       respectively.


RETURN VALUES
       This  function  returns zero if the object with credential u1 can “see” the object with credential u2, or
       ESRCH otherwise.


ERRORS
       [ESRCH]            The object with credential u1 cannot “see” the object with credential u2.

       [ESRCH]            The object with credential u1 has been jailed and the object with credential  u2  does
                          not belong to the same jail as u1.

       [ESRCH]            The MAC subsystem denied visibility.


SEE ALSO
       cr_seeothergids(9), cr_seeotheruids(9), mac(9), p_cansee(9)

Debian                                          November 19, 2006                                   CR_CANSEE(9)