--- usr/src/uts/common/os/policy.c.orig	2010-05-07 17:00:26.987935617 +0200
+++ usr/src/uts/common/os/policy.c	2010-05-07 17:01:20.938941960 +0200
@@ -936,37 +936,7 @@
 	if (mode == 0)
 		return (0);
 
-	if ((mode & VREAD) && priv_policy_va(cr, PRIV_FILE_DAC_READ, B_FALSE,
-	    EACCES, NULL, KLPDARG_VNODE, vp, (char *)NULL,
-	    KLPDARG_NOMORE) != 0) {
-		return (EACCES);
-	}
-
-	if (mode & VWRITE) {
-		boolean_t allzone;
-
-		if (owner == 0 && cr->cr_uid != 0)
-			allzone = B_TRUE;
-		else
-			allzone = B_FALSE;
-		if (priv_policy_va(cr, PRIV_FILE_DAC_WRITE, allzone, EACCES,
-		    NULL, KLPDARG_VNODE, vp, (char *)NULL,
-		    KLPDARG_NOMORE) != 0) {
-			return (EACCES);
-		}
-	}
-
-	if (mode & VEXEC) {
-		/*
-		 * Directories use file_dac_search to override the execute bit.
-		 */
-		int p = vp->v_type == VDIR ? PRIV_FILE_DAC_SEARCH :
-		    PRIV_FILE_DAC_EXECUTE;
-
-		return (priv_policy_va(cr, p, B_FALSE, EACCES, NULL,
-		    KLPDARG_VNODE, vp, (char *)NULL, KLPDARG_NOMORE));
-	}
-	return (0);
+	return (secpolicy_vnode_access(cr, vp, owner, mode));
 }
 
 /*