blocxx
Enumerations
enum EChildGroupAction { E_NO_EXTENDED_GROUPS = 0, E_SOURCE_EXTENDED_GROUPS }
Functions
BLOCXX_DEFINE_EXCEPTION (ProcessAbort)
void dropPrivilegesPermanently (::uid_t newuid, ::gid_t newgid, EChildGroupAction extendedGroupAction)
StringArray minimalEnvironment ()
void runAs (char const *username, EChildGroupAction extendedGroupAction=E_SOURCE_EXTENDED_GROUPS)
    Look up user ID and group ID for username in password file, chdir to "/", then drop privileges and run with that user ID and group ID.
BLOCXX_DECLARE_EXCEPTION (ProcessAbort)
    Secure::ProcessAbortException should be caught only at the top level of the program.
BLOCXX_COMMON_API void dropPrivilegesPermanently (uid_t newuid, gid_t newgid, EChildGroupAction extendedGroupAction)
    Changes both the effective and actual user ID to newuid, and the effective and actual group IDs to newgid, clearing out all of root's auxiliary groups.
Definition at line 48 of file Secure.hpp.
BLOCXX_NAMESPACE::Secure::BLOCXX_DECLARE_EXCEPTION (ProcessAbort)
Secure::ProcessAbortException should be caught only at the top level of the program.
The process should then exit after optionally writing an error message somewhere.
BLOCXX_NAMESPACE::Secure::BLOCXX_DEFINE_EXCEPTION (ProcessAbort)
void BLOCXX_NAMESPACE::Secure::dropPrivilegesPermanently (::uid_t newuid, ::gid_t newgid, EChildGroupAction extendedGroupAction)
Definition at line 137 of file Secure.cpp.
References ABORT_ERRNO_IF, ABORT_IF, and E_SOURCE_EXTENDED_GROUPS.
Referenced by runAs().
BLOCXX_COMMON_API void BLOCXX_NAMESPACE::Secure::dropPrivilegesPermanently (uid_t newuid, gid_t newgid, EChildGroupAction extendedGroupAction)
Changes both the effective and actual user ID to newuid, and the effective and actual group IDs to newgid, clearing out all of root's auxiliary groups.
If newuid == -1, defaults to the actual user ID. If newgid == -1, defaults to the actual group ID.
The extendedGroupAction parameter controls whether or not the new user's auxiliary groups are sourced.
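The ordering that a permanent drop of this kind depends on, as an added example that is not the blocxx code in Secure.cpp: supplementary groups first, then group IDs, then user IDs, then verification. The names `drop_privileges_permanently` and `ids_are` are hypothetical, Linux/glibc `setresuid()`/`setresgid()` are assumed, and a return code stands in for the library's ProcessAbortException.

```cpp
#include <grp.h>
#include <pwd.h>
#include <sys/types.h>
#include <unistd.h>

// True only if real, effective and saved IDs all equal the given values.
bool ids_are(uid_t uid, gid_t gid)
{
    uid_t r, e, s;
    gid_t rg, eg, sg;
    if (getresuid(&r, &e, &s) != 0 || getresgid(&rg, &eg, &sg) != 0) return false;
    return r == uid && e == uid && s == uid && rg == gid && eg == gid && sg == gid;
}

// Hypothetical helper (not blocxx code). Returns 0 on success, -1 if any step
// fails or cannot be verified; the caller must then abort, not continue.
int drop_privileges_permanently(uid_t newuid, gid_t newgid, bool sourceGroups)
{
    if (newuid == (uid_t)-1) newuid = getuid();  // default: real user ID
    if (newgid == (gid_t)-1) newgid = getgid();  // default: real group ID

    // 1. Supplementary groups first; only a privileged process can change them.
    if (geteuid() == 0) {
        if (sourceGroups) {
            struct passwd* pw = getpwuid(newuid);
            if (!pw || initgroups(pw->pw_name, newgid) != 0) return -1;
        } else if (setgroups(1, &newgid) != 0) {  // keep only the primary group
            return -1;
        }
    }
    // 2. Group IDs before user IDs: after the UID drop they can no longer be set freely.
    if (setresgid(newgid, newgid, newgid) != 0) return -1;
    // 3. Real, effective and saved UID together, so there is nothing to switch back to.
    if (setresuid(newuid, newuid, newuid) != 0) return -1;
    // 4. Verify the result rather than trusting the return codes alone.
    if (!ids_are(newuid, newgid)) return -1;
    // 5. An attempt to regain root must fail.
    if (newuid != 0 && (setuid(0) == 0 || seteuid(0) == 0)) return -1;
    return 0;
}

int main()
{
    // -1/-1 selects the caller's own real IDs, so this also runs unprivileged.
    return drop_privileges_permanently((uid_t)-1, (gid_t)-1, false) == 0 ? 0 : 1;
}
```

Reversing steps 2 and 3 is the classic failure: once the user ID is no longer root, the group changes are refused and the process keeps root's groups.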
BLOCXX_COMMON_API StringArray BLOCXX_NAMESPACE::Secure::minimalEnvironment ()
Definition at line 360 of file Secure.cpp.
BLOCXX_COMMON_API void BLOCXX_NAMESPACE::Secure::runAs (char const * username, EChildGroupAction extendedGroupAction = E_SOURCE_EXTENDED_GROUPS)
Look up user ID and group ID for username in password file, chdir to "/", then drop privileges and run with that user ID and group ID.
The extendedGroupAction parameter determines whether the child process's extended groups are initialized or whether it runs with only its primary group.
Definition at line 365 of file Secure.cpp.
References ABORT_ERRNO_IF, ABORT_IF, and dropPrivilegesPermanently().