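#ifndef VSF_SECUTIL_H
#define VSF_SECUTIL_H

/* Opaque string type; only pointers to it are used in this header. */
struct mystr;

/* vsf_secutil_change_credentials()
 * PURPOSE
 * This function securely switches process credentials to the user specified.
 * There are options to enter a chroot() jail, and supplementary groups may
 * or may not be activated.
 * PARAMETERS
 * p_user_str     - the name of the user to become
 * p_dir_str      - the directory to chdir() and possibly chroot() to.
 *                  (if NULL, the user's home directory is used)
 * p_ext_dir_str  - the directory to chdir() and possibly chroot() to,
 *                  applied in addition to the directory calculated by
 *                  p_user_str and p_dir_str.
 * caps           - bitmap of capabilities to adopt. NOTE, if the underlying
 *                  OS does not support capabilities as a non-root user, and
 *                  the capability bitset is non-empty, then root privileges
 *                  will have to be retained. Pass 0 unless a capability is
 *                  really needed, so that privileges can be dropped fully.
 * options        - bitwise OR of the VSF_SECUTIL_OPTION_* flags below
 *                  (each flag is a distinct bit; 0 selects none of them)
 * RETURNS
 * Nothing. Callers cannot detect a partial privilege drop from the return
 * value. NOTE(review): confirm in the implementation that every failed step
 * (user lookup, chroot(), uid/gid change) is fatal rather than ignored.
 */

/* chroot() the user into the new directory */
#define VSF_SECUTIL_OPTION_CHROOT                 1
/* Activate any supplementary groups the user may have */
#define VSF_SECUTIL_OPTION_USE_GROUPS             2
/* Do the chdir() as the effective userid of the target user.
 * Presumably this makes the directory access check apply to the target user
 * instead of the caller - confirm against the implementation.
 */
#define VSF_SECUTIL_OPTION_CHANGE_EUID            4
/* Use RLIMIT_NOFILE to prevent the opening of new fds */
#define VSF_SECUTIL_OPTION_NO_FDS                 8
/* Use RLIMIT_NPROC to prevent the launching of new processes */
#define VSF_SECUTIL_OPTION_NO_PROCS               16
/* Permit a writeable chroot() root.
 * A jail root that the confined user can write to weakens the chroot, since
 * files that code inside the jail later relies on can be replaced. Set this
 * flag only when the deployment requires it.
 */
#define VSF_SECUTIL_OPTION_ALLOW_WRITEABLE_ROOT   32

void vsf_secutil_change_credentials(const struct mystr* p_user_str,
                                    const struct mystr* p_dir_str,
                                    const struct mystr* p_ext_dir_str,
                                    unsigned int caps, unsigned int options);

#endif /* VSF_SECUTIL_H */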