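#ifndef VSF_SECUTIL_H
#define VSF_SECUTIL_H

/* Forward declaration: this header only passes pointers to struct mystr. */
struct mystr;

/* vsf_secutil_change_credentials()
 * PURPOSE
 * This function securely switches process credentials to the user specified.
 * There are options to enter a chroot() jail, and supplementary groups may
 * or may not be activated.
 * PARAMETERS
 * p_user_str     - the name of the user to become
 * p_dir_str      - the directory to chdir() and possibly chroot() to.
 *                  (if NULL, the user's home directory is used)
 * p_ext_dir_str  - the directory to chdir() and possibly chroot() to,
 *                  applied in addition to the directory calculated by
 *                  p_user_str and p_dir_str.
 * caps           - bitmap of capabilities to adopt. NOTE, if the underlying
 *                  OS does not support capabilities as a non-root user, and
 *                  the capability bitset is non-empty, then root privileges
 *                  will have to be retained. Pass an empty bitmap unless a
 *                  capability is actually required, so that this fallback
 *                  to retained root is never triggered needlessly.
 * options        - bitwise OR of the VSF_SECUTIL_OPTION_* flags defined
 *                  below
 * RETURNS
 * Nothing.
 * NOTE(review): the void return gives a caller no way to observe a failed
 * credential switch. Presumably the implementation terminates the process
 * rather than returning with the old credentials -- confirm in the
 * implementation before relying on it.
 */

/*
 * Option flags for vsf_secutil_change_credentials(). Each flag occupies its
 * own bit, so any combination may be OR-ed together.
 */

/* chroot() the user into the new directory.
 * NOTE(review): this header does not say whether ownership or writability of
 * the jail directory is checked -- verify at the call sites.
 */
#define VSF_SECUTIL_OPTION_CHROOT                   1
/* Activate any supplementary groups the user may have */
#define VSF_SECUTIL_OPTION_USE_GROUPS               2
/* Do the chdir() as the effective userid of the target user */
#define VSF_SECUTIL_OPTION_CHANGE_EUID              4
/* Use RLIMIT_NOFILE to prevent the opening of new fds */
#define VSF_SECUTIL_OPTION_NO_FDS                   8
/* Use RLIMIT_NPROC to prevent the launching of new processes */
#define VSF_SECUTIL_OPTION_NO_PROCS                 16

void vsf_secutil_change_credentials(const struct mystr* p_user_str,
                                    const struct mystr* p_dir_str,
                                    const struct mystr* p_ext_dir_str,
                                    unsigned int caps, unsigned int options);

#endif /* VSF_SECUTIL_H */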