1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
|
#ifndef VSF_SECUTIL_H
#define VSF_SECUTIL_H
struct mystr;
/* vsf_secutil_change_credentials()
* PURPOSE
* This function securely switches process credentials to the user specified.
* There are options to enter a chroot() jail, and supplementary groups may
* or may not be activated.
* PARAMETERS
* p_user_str - the name of the user to become
* p_dir_str - the directory to chdir() and possibly chroot() to.
* (if NULL, the user's home directory is used)
* p_ext_dir_str - the directory to chdir() and possibly chroot() to,
* applied in addition to the directory calculated by
* p_user_str and p_dir_str.
* caps - bitmap of capabilities to adopt. NOTE, if the underlying
* OS does not support capabilities as a non-root user, and
* the capability bitset is non-empty, then root privileges
* will have to be retained.
* options - see bitmask definitions below
*/
/* chroot() the user into the new directory */
#define VSF_SECUTIL_OPTION_CHROOT 1
/* Activate any supplementary groups the user may have */
#define VSF_SECUTIL_OPTION_USE_GROUPS 2
/* Do the chdir() as the effective userid of the target user */
#define VSF_SECUTIL_OPTION_CHANGE_EUID 4
/* Use RLIMIT_NOFILE to prevent the opening of new fds */
#define VSF_SECUTIL_OPTION_NO_FDS 8
void vsf_secutil_change_credentials(const struct mystr* p_user_str,
const struct mystr* p_dir_str,
const struct mystr* p_ext_dir_str,
unsigned int caps, unsigned int options);
#endif /* VSF_SECUTIL_H */
|