Modified: branches/SULeopard/launchd/src/launchd_core_logic.c (23630 => 23631)

--- branches/SULeopard/launchd/src/launchd_core_logic.c	2008-05-21 23:25:49 UTC (rev 23630)
+++ branches/SULeopard/launchd/src/launchd_core_logic.c	2008-05-22 00:27:39 UTC (rev 23631)
@@ -5246,6 +5246,10 @@
 	struct ldcred ldc;
 	job_t js;
 
+#if TARGET_OS_EMBEDDED
+	return BOOTSTRAP_NOT_PRIVILEGED;
+#endif
+
 	if (!launchd_assumes(j != NULL)) {
 		return BOOTSTRAP_NO_MEMORY;
 	}
@@ -5734,6 +5738,10 @@
 	struct ldcred ldc;
 	job_t ji;
 
+#if TARGET_OS_EMBEDDED
+	return BOOTSTRAP_NOT_PRIVILEGED;
+#endif
+
 	if (!launchd_assumes(j != NULL)) {
 		return BOOTSTRAP_NO_MEMORY;
 	}
@@ -6020,6 +6028,10 @@
 	jobmgr_t jm;
 	job_t ji;
 
+#if TARGET_OS_EMBEDDED
+	return BOOTSTRAP_NOT_PRIVILEGED;
+#endif
+
 	if (!launchd_assumes(j != NULL)) {
 		return BOOTSTRAP_NO_MEMORY;
 	}
@@ -6142,6 +6154,10 @@
 	struct ldcred ldc;
 	jobmgr_t jmr = NULL;
 
+#if TARGET_OS_EMBEDDED
+	return BOOTSTRAP_NOT_PRIVILEGED;
+#endif
+
 	if (!launchd_assumes(j != NULL)) {
 		return BOOTSTRAP_NO_MEMORY;
 	}
@@ -6318,6 +6334,10 @@
 	jobmgr_t jm;
 	job_t ji;
 
+#if TARGET_OS_EMBEDDED
+	return BOOTSTRAP_NOT_PRIVILEGED;
+#endif
+
 	if (!launchd_assumes(j != NULL)) {
 		return BOOTSTRAP_NO_MEMORY;
 	}
@@ -6608,12 +6628,19 @@
 kern_return_t
 job_mig_set_service_policy(job_t j, pid_t target_pid, uint64_t flags, name_t target_service)
 {
+	struct ldcred ldc;
 	job_t target_j;
 
 	if (!launchd_assumes(j != NULL)) {
 		return BOOTSTRAP_NO_MEMORY;
 	}
 
+	runtime_get_caller_creds(&ldc);
+
+	if (unlikely(ldc.uid || ldc.euid)) {
+		return BOOTSTRAP_NOT_PRIVILEGED;
+	}
+
 	if (!job_assumes(j, (target_j = jobmgr_find_by_pid(j->mgr, target_pid, true)) != NULL)) {
 		return BOOTSTRAP_NO_MEMORY;
 	}
@@ -6642,6 +6669,10 @@
 	struct ldcred ldc;
 	job_t jr;
 
+#if TARGET_OS_EMBEDDED
+	return BOOTSTRAP_NOT_PRIVILEGED;
+#endif
+
 	runtime_get_caller_creds(&ldc);
 
 	if (!launchd_assumes(j != NULL)) {