K 10
svn:author
V 7
rwatson
K 8
svn:date
V 27
2001-05-17T21:48:44.000000Z
K 7
svn:log
V 491
o Modify access control checks in p_candebug() such that the policy is as
  follows: the effective uid of p1 (subject) must equal the real, saved,
  and effective uids of p2 (object), p2 must not have undergone a
  credential downgrade.  A subject with appropriate privilege may override
  these protections.

  In the future, we will extend these checks to require that p1 effective
  group membership must be a superset of p2 effective group membership.

Obtained from:	TrustedBSD Project

END