1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 * or http://www.opensolaris.org/os/licensing. 10 * See the License for the specific language governing permissions 11 * and limitations under the License. 12 * 13 * When distributing Covered Code, include this CDDL HEADER in each 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 * If applicable, add the following below this CDDL HEADER, with the 16 * fields enclosed by brackets "[]" replaced with your own identifying 17 * information: Portions Copyright [yyyy] [name of copyright owner] 18 * 19 * CDDL HEADER END 20 */ 21 /* 22 * Copyright 2008 Sun Microsystems, Inc. All rights reserved. 23 * Use is subject to license terms. 24 * 25 * Privilege constant definitions. Privileges and privilege sets 26 * are only known by name and should be mapped at runtime. 27 * 28 * THIS FILE WAS GENERATED; DO NOT EDIT 29 */ 30 31 32 #ifndef _SYS_PRIV_NAMES_H 33 #define _SYS_PRIV_NAMES_H 34 35 36 37 #ifdef __cplusplus 38 extern "C" { 39 #endif 40 41 #ifndef __PRIV_CONST_IMPL 42 /* 43 * Privilege names 44 */ 45 /* 46 * Allows a process to request critical events without limitation. 47 * Allows a process to request reliable delivery of all events on 48 * any event queue. 49 */ 50 #define PRIV_CONTRACT_EVENT ((const char *)"contract_event") 51 52 /* 53 * Allows a process to set the service FMRI value of a process 54 * contract template. 55 */ 56 #define PRIV_CONTRACT_IDENTITY ((const char *)"contract_identity") 57 58 /* 59 * Allows a process to observe contract events generated by 60 * contracts created and owned by users other than the process's 61 * effective user ID. 62 * Allows a process to open contract event endpoints belonging to 63 * contracts created and owned by users other than the process's 64 * effective user ID. 65 */ 66 #define PRIV_CONTRACT_OBSERVER ((const char *)"contract_observer") 67 68 /* 69 * Allow a process to access per-CPU hardware performance counters. 70 */ 71 #define PRIV_CPC_CPU ((const char *)"cpc_cpu") 72 73 /* 74 * Allows DTrace kernel-level tracing. 75 */ 76 #define PRIV_DTRACE_KERNEL ((const char *)"dtrace_kernel") 77 78 /* 79 * Allows DTrace process-level tracing. 80 * Allows process-level tracing probes to be placed and enabled in 81 * processes to which the user has permissions. 82 */ 83 #define PRIV_DTRACE_PROC ((const char *)"dtrace_proc") 84 85 /* 86 * Allows DTrace user-level tracing. 87 * Allows use of the syscall and profile DTrace providers to 88 * examine processes to which the user has permissions. 89 */ 90 #define PRIV_DTRACE_USER ((const char *)"dtrace_user") 91 92 /* 93 * Allows a process to change a file's owner user ID. 94 * Allows a process to change a file's group ID to one other than 95 * the process' effective group ID or one of the process' 96 * supplemental group IDs. 97 */ 98 #define PRIV_FILE_CHOWN ((const char *)"file_chown") 99 100 /* 101 * Allows a process to give away its files; a process with this 102 * privilege will run as if {_POSIX_CHOWN_RESTRICTED} is not 103 * in effect. 104 */ 105 #define PRIV_FILE_CHOWN_SELF ((const char *)"file_chown_self") 106 107 /* 108 * Allows a process to execute an executable file whose permission 109 * bits or ACL do not allow the process execute permission. 110 */ 111 #define PRIV_FILE_DAC_EXECUTE ((const char *)"file_dac_execute") 112 113 /* 114 * Allows a process to read a file or directory whose permission 115 * bits or ACL do not allow the process read permission. 116 */ 117 #define PRIV_FILE_DAC_READ ((const char *)"file_dac_read") 118 119 /* 120 * Allows a process to search a directory whose permission bits or 121 * ACL do not allow the process search permission. 122 */ 123 #define PRIV_FILE_DAC_SEARCH ((const char *)"file_dac_search") 124 125 /* 126 * Allows a process to write a file or directory whose permission 127 * bits or ACL do not allow the process write permission. 128 * In order to write files owned by uid 0 in the absence of an 129 * effective uid of 0 ALL privileges are required. 130 */ 131 #define PRIV_FILE_DAC_WRITE ((const char *)"file_dac_write") 132 133 /* 134 * Allows a process to set the sensitivity label of a file or 135 * directory to a sensitivity label that does not dominate the 136 * existing sensitivity label. 137 * This privilege is interpreted only if the system is configured 138 * with Trusted Extensions. 139 */ 140 #define PRIV_FILE_DOWNGRADE_SL ((const char *)"file_downgrade_sl") 141 142 /* 143 * Allows a process to create hardlinks to files owned by a uid 144 * different from the process' effective uid. 145 */ 146 #define PRIV_FILE_LINK_ANY ((const char *)"file_link_any") 147 148 /* 149 * Allows a process which is not the owner of a file or directory 150 * to perform the following operations that are normally permitted 151 * only for the file owner: modify that file's access and 152 * modification times; remove or rename a file or directory whose 153 * parent directory has the ``save text image after execution'' 154 * (sticky) bit set; mount a ``namefs'' upon a file; modify 155 * permission bits or ACL except for the set-uid and set-gid 156 * bits. 157 */ 158 #define PRIV_FILE_OWNER ((const char *)"file_owner") 159 160 /* 161 * Allows a process to change the ownership of a file or write to 162 * a file without the set-user-ID and set-group-ID bits being 163 * cleared. 164 * Allows a process to set the set-group-ID bit on a file or 165 * directory whose group is not the process' effective group or 166 * one of the process' supplemental groups. 167 * Allows a process to set the set-user-ID bit on a file with 168 * different ownership in the presence of PRIV_FILE_OWNER. 169 * Additional restrictions apply when creating or modifying a 170 * set-uid 0 file. 171 */ 172 #define PRIV_FILE_SETID ((const char *)"file_setid") 173 174 /* 175 * Allows a process to set the sensitivity label of a file or 176 * directory to a sensitivity label that dominates the existing 177 * sensitivity label. 178 * This privilege is interpreted only if the system is configured 179 * with Trusted Extensions. 180 */ 181 #define PRIV_FILE_UPGRADE_SL ((const char *)"file_upgrade_sl") 182 183 /* 184 * Allows a process to set immutable, nounlink or appendonly 185 * file attributes. 186 */ 187 #define PRIV_FILE_FLAG_SET ((const char *)"file_flag_set") 188 189 /* 190 * Allows a process to make privileged ioctls to graphics devices. 191 * Typically only xserver process needs to have this privilege. 192 * A process with this privilege is also allowed to perform 193 * privileged graphics device mappings. 194 */ 195 #define PRIV_GRAPHICS_ACCESS ((const char *)"graphics_access") 196 197 /* 198 * Allows a process to perform privileged mappings through a 199 * graphics device. 200 */ 201 #define PRIV_GRAPHICS_MAP ((const char *)"graphics_map") 202 203 /* 204 * Allows a process to read a System V IPC 205 * Message Queue, Semaphore Set, or Shared Memory Segment whose 206 * permission bits do not allow the process read permission. 207 * Allows a process to read remote shared memory whose 208 * permission bits do not allow the process read permission. 209 */ 210 #define PRIV_IPC_DAC_READ ((const char *)"ipc_dac_read") 211 212 /* 213 * Allows a process to write a System V IPC 214 * Message Queue, Semaphore Set, or Shared Memory Segment whose 215 * permission bits do not allow the process write permission. 216 * Allows a process to read remote shared memory whose 217 * permission bits do not allow the process write permission. 218 * Additional restrictions apply if the owner of the object has uid 0 219 * and the effective uid of the current process is not 0. 220 */ 221 #define PRIV_IPC_DAC_WRITE ((const char *)"ipc_dac_write") 222 223 /* 224 * Allows a process which is not the owner of a System 225 * V IPC Message Queue, Semaphore Set, or Shared Memory Segment to 226 * remove, change ownership of, or change permission bits of the 227 * Message Queue, Semaphore Set, or Shared Memory Segment. 228 * Additional restrictions apply if the owner of the object has uid 0 229 * and the effective uid of the current process is not 0. 230 */ 231 #define PRIV_IPC_OWNER ((const char *)"ipc_owner") 232 233 /* 234 * Allow a process to bind to a port that is configured as a 235 * multi-level port(MLP) for the process's zone. This privilege 236 * applies to both shared address and zone-specific address MLPs. 237 * See tnzonecfg(4) from the Trusted Extensions manual pages for 238 * information on configuring MLP ports. 239 * This privilege is interpreted only if the system is configured 240 * with Trusted Extensions. 241 */ 242 #define PRIV_NET_BINDMLP ((const char *)"net_bindmlp") 243 244 /* 245 * Allows a process to send and receive ICMP packets. 246 */ 247 #define PRIV_NET_ICMPACCESS ((const char *)"net_icmpaccess") 248 249 /* 250 * Allows a process to set NET_MAC_AWARE process flag by using 251 * setpflags(2). This privilege also allows a process to set 252 * SO_MAC_EXEMPT socket option by using setsockopt(3SOCKET). 253 * The NET_MAC_AWARE process flag and the SO_MAC_EXEMPT socket 254 * option both allow a local process to communicate with an 255 * unlabeled peer if the local process' label dominates the 256 * peer's default label, or if the local process runs in the 257 * global zone. 258 * This privilege is interpreted only if the system is configured 259 * with Trusted Extensions. 260 */ 261 #define PRIV_NET_MAC_AWARE ((const char *)"net_mac_aware") 262 263 /* 264 * Allows a process to access /dev/lo0 and the devices in /dev/ipnet/ 265 * while not requiring them to need PRIV_NET_RAWACCESS. 266 */ 267 #define PRIV_NET_OBSERVABILITY ((const char *)"net_observability") 268 269 /* 270 * Allows a process to bind to a privileged port 271 * number. The privilege port numbers are 1-1023 (the traditional 272 * UNIX privileged ports) as well as those ports marked as 273 * "udp/tcp_extra_priv_ports" with the exception of the ports 274 * reserved for use by NFS. 275 */ 276 #define PRIV_NET_PRIVADDR ((const char *)"net_privaddr") 277 278 /* 279 * Allows a process to have direct access to the network layer. 280 */ 281 #define PRIV_NET_RAWACCESS ((const char *)"net_rawaccess") 282 283 /* 284 * Allows a process to generate audit records. 285 * Allows a process to get its own audit pre-selection information. 286 */ 287 #define PRIV_PROC_AUDIT ((const char *)"proc_audit") 288 289 /* 290 * Allows a process to change its root directory. 291 */ 292 #define PRIV_PROC_CHROOT ((const char *)"proc_chroot") 293 294 /* 295 * Allows a process to use high resolution timers. 296 */ 297 #define PRIV_PROC_CLOCK_HIGHRES ((const char *)"proc_clock_highres") 298 299 /* 300 * Allows a process to call execve(). 301 */ 302 #define PRIV_PROC_EXEC ((const char *)"proc_exec") 303 304 /* 305 * Allows a process to call fork1()/forkall()/vfork() 306 */ 307 #define PRIV_PROC_FORK ((const char *)"proc_fork") 308 309 /* 310 * Allows a process to examine the status of processes other 311 * than those it can send signals to. Processes which cannot 312 * be examined cannot be seen in /proc and appear not to exist. 313 */ 314 #define PRIV_PROC_INFO ((const char *)"proc_info") 315 316 /* 317 * Allows a process to lock pages in physical memory. 318 */ 319 #define PRIV_PROC_LOCK_MEMORY ((const char *)"proc_lock_memory") 320 321 /* 322 * Allows a process to send signals to other processes, inspect 323 * and modify process state to other processes regardless of 324 * ownership. When modifying another process, additional 325 * restrictions apply: the effective privilege set of the 326 * attaching process must be a superset of the target process' 327 * effective, permitted and inheritable sets; the limit set must 328 * be a superset of the target's limit set; if the target process 329 * has any uid set to 0 all privilege must be asserted unless the 330 * effective uid is 0. 331 * Allows a process to bind arbitrary processes to CPUs. 332 */ 333 #define PRIV_PROC_OWNER ((const char *)"proc_owner") 334 335 /* 336 * Allows a process to elevate its priority above its current level. 337 * Allows a process to change its scheduling class to any scheduling class, 338 * including the RT class. 339 */ 340 #define PRIV_PROC_PRIOCNTL ((const char *)"proc_priocntl") 341 342 /* 343 * Allows a process to send signals or trace processes outside its 344 * session. 345 */ 346 #define PRIV_PROC_SESSION ((const char *)"proc_session") 347 348 /* 349 * Allows a process to set its uids at will. 350 * Assuming uid 0 requires all privileges to be asserted. 351 */ 352 #define PRIV_PROC_SETID ((const char *)"proc_setid") 353 354 /* 355 * Allows a process to assign a new task ID to the calling process. 356 */ 357 #define PRIV_PROC_TASKID ((const char *)"proc_taskid") 358 359 /* 360 * Allows a process to trace or send signals to processes in 361 * other zones. 362 */ 363 #define PRIV_PROC_ZONE ((const char *)"proc_zone") 364 365 /* 366 * Allows a process to enable and disable and manage accounting through 367 * acct(2), getacct(2), putacct(2) and wracct(2). 368 */ 369 #define PRIV_SYS_ACCT ((const char *)"sys_acct") 370 371 /* 372 * Allows a process to perform system administration tasks such 373 * as setting node and domain name and specifying nscd and coreadm 374 * settings. 375 */ 376 #define PRIV_SYS_ADMIN ((const char *)"sys_admin") 377 378 /* 379 * Allows a process to start the (kernel) audit daemon. 380 * Allows a process to view and set audit state (audit user ID, 381 * audit terminal ID, audit sessions ID, audit pre-selection mask). 382 * Allows a process to turn off and on auditing. 383 * Allows a process to configure the audit parameters (cache and 384 * queue sizes, event to class mappings, policy options). 385 */ 386 #define PRIV_SYS_AUDIT ((const char *)"sys_audit") 387 388 /* 389 * Allows a process to perform various system configuration tasks. 390 * Allows a process to add and remove swap devices; when adding a swap 391 * device, a process must also have sufficient privileges to read from 392 * and write to the swap device. 393 */ 394 #define PRIV_SYS_CONFIG ((const char *)"sys_config") 395 396 /* 397 * Allows a process to successfully call a kernel module that 398 * calls the kernel drv_priv(9F) function to check for allowed 399 * access. 400 * Allows a process to open the real console device directly. 401 * Allows a process to open devices that have been exclusively opened. 402 */ 403 #define PRIV_SYS_DEVICES ((const char *)"sys_devices") 404 405 /* 406 * Allows a process to increase the size of a System V IPC Message 407 * Queue buffer. 408 */ 409 #define PRIV_SYS_IPC_CONFIG ((const char *)"sys_ipc_config") 410 411 /* 412 * Allows a process to unlink and link directories. 413 */ 414 #define PRIV_SYS_LINKDIR ((const char *)"sys_linkdir") 415 416 /* 417 * Allows filesystem specific administrative procedures, such as 418 * filesystem configuration ioctls, quota calls and creation/deletion 419 * of snapshots. 420 * Allows a process to mount and unmount filesystems which would 421 * otherwise be restricted (i.e., most filesystems except 422 * namefs). 423 * A process performing a mount operation needs to have 424 * appropriate access to the device being mounted (read-write for 425 * "rw" mounts, read for "ro" mounts). 426 * A process performing any of the aforementioned 427 * filesystem operations needs to have read/write/owner 428 * access to the mount point. 429 * Only regular files and directories can serve as mount points 430 * for processes which do not have all zone privileges asserted. 431 * Unless a process has all zone privileges, the mount(2) 432 * system call will force the "nosuid" and "restrict" options, the 433 * latter only for autofs mountpoints. 434 * Regardless of privileges, a process running in a non-global zone may 435 * only control mounts performed from within said zone. 436 * Outside the global zone, the "nodevices" option is always forced. 437 */ 438 #define PRIV_SYS_MOUNT ((const char *)"sys_mount") 439 440 /* 441 * Allows a process to configure a system's datalink interfaces. 442 */ 443 #define PRIV_SYS_DL_CONFIG ((const char *)"sys_dl_config") 444 445 /* 446 * Allows a process to configure a system's IP interfaces and routes. 447 * Allows a process to configure network parameters using ndd. 448 * Allows a process access to otherwise restricted information using ndd. 449 * Allows a process to configure IPsec. 450 * Allows a process to pop anchored STREAMs modules with matching zoneid. 451 */ 452 #define PRIV_SYS_IP_CONFIG ((const char *)"sys_ip_config") 453 454 /* 455 * Allows all that PRIV_SYS_IP_CONFIG and PRIV_SYS_DL_CONFIG allow. 456 * Allows a process to push the rpcmod STREAMs module. 457 * Allows a process to INSERT/REMOVE STREAMs modules on locations other 458 * than the top of the module stack. 459 */ 460 #define PRIV_SYS_NET_CONFIG ((const char *)"sys_net_config") 461 462 /* 463 * Allows a process to perform Sun private NFS specific system calls. 464 * Allows a process to bind to ports reserved by NFS: ports 2049 (nfs) 465 * and port 4045 (lockd). 466 */ 467 #define PRIV_SYS_NFS ((const char *)"sys_nfs") 468 469 /* 470 * Allows a process to create and delete processor sets, assign 471 * CPUs to processor sets and override the PSET_NOESCAPE property. 472 * Allows a process to change the operational status of CPUs in 473 * the system using p_online(2). 474 * Allows a process to configure resource pools and to bind 475 * processes to pools 476 */ 477 #define PRIV_SYS_RES_CONFIG ((const char *)"sys_res_config") 478 479 /* 480 * Allows a process to modify the resource limits specified 481 * by setrlimit(2) and setrctl(2) without restriction. 482 * Allows a process to exceed the per-user maximum number of 483 * processes. 484 * Allows a process to extend or create files on a filesystem that 485 * has less than minfree space in reserve. 486 */ 487 #define PRIV_SYS_RESOURCE ((const char *)"sys_resource") 488 489 /* 490 * Allows a process to access the Sun private SMB kernel module. 491 * Allows a process to bind to ports reserved by NetBIOS and SMB: 492 * ports 137 (NBNS), 138 (NetBIOS Datagram Service), 139 (NetBIOS 493 * Session Service and SMB-over-NBT) and 445 (SMB-over-TCP). 494 */ 495 #define PRIV_SYS_SMB ((const char *)"sys_smb") 496 497 /* 498 * Allows a process to successfully call a third party loadable module 499 * that calls the kernel suser() function to check for allowed access. 500 * This privilege exists only for third party loadable module 501 * compatibility and is not used by Solaris proper. 502 */ 503 #define PRIV_SYS_SUSER_COMPAT ((const char *)"sys_suser_compat") 504 505 /* 506 * Allows a process to manipulate system time using any of the 507 * appropriate system calls: stime, adjtime, ntp_adjtime and 508 * the IA specific RTC calls. 509 */ 510 #define PRIV_SYS_TIME ((const char *)"sys_time") 511 512 /* 513 * Allows a process to translate labels that are not dominated 514 * by the process' sensitivity label to and from an external 515 * string form. 516 * This privilege is interpreted only if the system is configured 517 * with Trusted Extensions. 518 */ 519 #define PRIV_SYS_TRANS_LABEL ((const char *)"sys_trans_label") 520 521 /* 522 * Allows a process to manage virtualized environments such as 523 * xVM(5). 524 */ 525 #define PRIV_VIRT_MANAGE ((const char *)"virt_manage") 526 527 /* 528 * Allows a process to override colormap restrictions. 529 * Allows a process to install or remove colormaps. 530 * Allows a process to retrieve colormap cell entries allocated 531 * by other processes. 532 * This privilege is interpreted only if the system is configured 533 * with Trusted Extensions. 534 */ 535 #define PRIV_WIN_COLORMAP ((const char *)"win_colormap") 536 537 /* 538 * Allows a process to configure or destroy resources that are 539 * permanently retained by the X server. 540 * Allows a process to use SetScreenSaver to set the screen 541 * saver timeout value. 542 * Allows a process to use ChangeHosts to modify the display 543 * access control list. 544 * Allows a process to use GrabServer. 545 * Allows a process to use the SetCloseDownMode request which 546 * may retain window, pixmap, colormap, property, cursor, font, 547 * or graphic context resources. 548 * This privilege is interpreted only if the system is configured 549 * with Trusted Extensions. 550 */ 551 #define PRIV_WIN_CONFIG ((const char *)"win_config") 552 553 /* 554 * Allows a process to read from a window resource that it does 555 * not own (has a different user ID). 556 * This privilege is interpreted only if the system is configured 557 * with Trusted Extensions. 558 */ 559 #define PRIV_WIN_DAC_READ ((const char *)"win_dac_read") 560 561 /* 562 * Allows a process to write to or create a window resource that 563 * it does not own (has a different user ID). A newly created 564 * window property is created with the window's user ID. 565 * This privilege is interpreted only if the system is configured 566 * with Trusted Extensions. 567 */ 568 #define PRIV_WIN_DAC_WRITE ((const char *)"win_dac_write") 569 570 /* 571 * Allows a process to perform operations on window input devices. 572 * Allows a process to get and set keyboard and pointer controls. 573 * Allows a process to modify pointer button and key mappings. 574 * This privilege is interpreted only if the system is configured 575 * with Trusted Extensions. 576 */ 577 #define PRIV_WIN_DEVICES ((const char *)"win_devices") 578 579 /* 580 * Allows a process to use the direct graphics access (DGA) X protocol 581 * extensions. Direct process access to the frame buffer is still 582 * required. Thus the process must have MAC and DAC privileges that 583 * allow access to the frame buffer, or the frame buffer must be 584 * allocated to the process. 585 * This privilege is interpreted only if the system is configured 586 * with Trusted Extensions. 587 */ 588 #define PRIV_WIN_DGA ((const char *)"win_dga") 589 590 /* 591 * Allows a process to set the sensitivity label of a window resource 592 * to a sensitivity label that does not dominate the existing 593 * sensitivity label. 594 * This privilege is interpreted only if the system is configured 595 * with Trusted Extensions. 596 */ 597 #define PRIV_WIN_DOWNGRADE_SL ((const char *)"win_downgrade_sl") 598 599 /* 600 * Allows a process to set a font path. 601 * This privilege is interpreted only if the system is configured 602 * with Trusted Extensions. 603 */ 604 #define PRIV_WIN_FONTPATH ((const char *)"win_fontpath") 605 606 /* 607 * Allows a process to read from a window resource whose sensitivity 608 * label is not equal to the process sensitivity label. 609 * This privilege is interpreted only if the system is configured 610 * with Trusted Extensions. 611 */ 612 #define PRIV_WIN_MAC_READ ((const char *)"win_mac_read") 613 614 /* 615 * Allows a process to create a window resource whose sensitivity 616 * label is not equal to the process sensitivity label. 617 * A newly created window property is created with the window's 618 * sensitivity label. 619 * This privilege is interpreted only if the system is configured 620 * with Trusted Extensions. 621 */ 622 #define PRIV_WIN_MAC_WRITE ((const char *)"win_mac_write") 623 624 /* 625 * Allows a process to request inter-window data moves without the 626 * intervention of the selection confirmer. 627 * This privilege is interpreted only if the system is configured 628 * with Trusted Extensions. 629 */ 630 #define PRIV_WIN_SELECTION ((const char *)"win_selection") 631 632 /* 633 * Allows a process to set the sensitivity label of a window 634 * resource to a sensitivity label that dominates the existing 635 * sensitivity label. 636 * This privilege is interpreted only if the system is configured 637 * with Trusted Extensions. 638 */ 639 #define PRIV_WIN_UPGRADE_SL ((const char *)"win_upgrade_sl") 640 641 /* 642 * Allows a process access to the xVM(5) control devices for 643 * managing guest domains and the hypervisor. This privilege is 644 * used only if booted into xVM on x86 platforms. 645 */ 646 #define PRIV_XVM_CONTROL ((const char *)"xvm_control") 647 648 649 /* 650 * Privilege set names 651 */ 652 /* 653 * Set of privileges currently in effect. 654 */ 655 #define PRIV_EFFECTIVE ((const char *)"Effective") 656 657 /* 658 * Set of privileges that comes into effect on exec. 659 */ 660 #define PRIV_INHERITABLE ((const char *)"Inheritable") 661 662 /* 663 * Set of privileges that can be put into the effective set without 664 * restriction. 665 */ 666 #define PRIV_PERMITTED ((const char *)"Permitted") 667 668 /* 669 * Set of privileges that determines the absolute upper bound of 670 * privileges this process and its off-spring can obtain. 671 */ 672 #define PRIV_LIMIT ((const char *)"Limit") 673 674 675 #endif /* __PRIV_CONST_IMPL */ 676 677 #ifdef __cplusplus 678 } 679 #endif 680 681 #endif /* _SYS_PRIV_NAMES_H */ 682