diff options
| author | Conrad Meyer <cem@FreeBSD.org> | 2016-12-16 01:37:44 +0000 |
|---|---|---|
| committer | Conrad Meyer <cem@FreeBSD.org> | 2016-12-16 01:37:44 +0000 |
| commit | 6a1c4d1efcf53060fcb982478a6a2f330573c725 (patch) | |
| tree | 61c25f615feeabe21f263aa4bf1e29a3c98869b7 /lib/libcapsicum | |
| parent | 6e183b4b25eabca8c696162fb4411b03d8b34f99 (diff) | |
| download | src-6a1c4d1efcf53060fcb982478a6a2f330573c725.tar.gz src-6a1c4d1efcf53060fcb982478a6a2f330573c725.zip | |
capsicum_helpers: Add LOOKUP flag
Add a helper routine for opening a directory that is restricted to being
used for opening relative files as stdio streams.
I think this will really help basic adaptation of multi-file programs to
Capsicum. Rather than having each program initialize a rights object and
ioctl/fcntl arrays for their root fd for relative opens, consolidate in the
logical place.
Reviewed by: oshogbo@
Sponsored by: Dell EMC Isilon
Differential Revision: https://reviews.freebsd.org/D8743
Notes
Notes:
svn path=/head/; revision=310135
Diffstat (limited to 'lib/libcapsicum')
| -rw-r--r-- | lib/libcapsicum/capsicum_helpers.h | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/lib/libcapsicum/capsicum_helpers.h b/lib/libcapsicum/capsicum_helpers.h index 1f7655d5fb9e..d1a84a98a857 100644 --- a/lib/libcapsicum/capsicum_helpers.h +++ b/lib/libcapsicum/capsicum_helpers.h @@ -41,6 +41,7 @@ #define CAPH_IGNORE_EBADF 0x0001 #define CAPH_READ 0x0002 #define CAPH_WRITE 0x0004 +#define CAPH_LOOKUP 0x0008 static __inline int caph_limit_stream(int fd, int flags) @@ -54,6 +55,8 @@ caph_limit_stream(int fd, int flags) cap_rights_set(&rights, CAP_READ); if ((flags & CAPH_WRITE) != 0) cap_rights_set(&rights, CAP_WRITE); + if ((flags & CAPH_LOOKUP) != 0) + cap_rights_set(&rights, CAP_LOOKUP); if (cap_rights_limit(fd, &rights) < 0 && errno != ENOSYS) { if (errno == EBADF && (flags & CAPH_IGNORE_EBADF) != 0) |