From 6a1c4d1efcf53060fcb982478a6a2f330573c725 Mon Sep 17 00:00:00 2001
From: Conrad Meyer
Date: Fri, 16 Dec 2016 01:37:44 +0000
Subject: capsicum_helpers: Add LOOKUP flag

Add a helper routine for opening a directory that is restricted to being used for opening relative files as stdio streams. I think this will really help basic adaptation of multi-file programs to Capsicum. Rather than having each program initialize a rights object and ioctl/fcntl arrays for their root fd for relative opens, consolidate in the logical place.
Reviewed by: oshogbo@
Sponsored by: Dell EMC Isilon
Differential Revision: https://reviews.freebsd.org/D8743
---
 lib/libcapsicum/capsicum_helpers.h | 3 +++
 1 file changed, 3 insertions(+)
(limited to 'lib/libcapsicum')
diff --git a/lib/libcapsicum/capsicum_helpers.h b/lib/libcapsicum/capsicum_helpers.h
index 1f7655d5fb9e..d1a84a98a857 100644
--- a/lib/libcapsicum/capsicum_helpers.h
+++ b/lib/libcapsicum/capsicum_helpers.h
@@ -41,6 +41,7 @@
 #define CAPH_IGNORE_EBADF 0x0001
 #define CAPH_READ 0x0002
 #define CAPH_WRITE 0x0004
+#define CAPH_LOOKUP 0x0008
 static __inline int
 caph_limit_stream(int fd, int flags)
@@ -54,6 +55,8 @@ caph_limit_stream(int fd, int flags)
 cap_rights_set(&rights, CAP_READ);
 if ((flags & CAPH_WRITE) != 0)
 cap_rights_set(&rights, CAP_WRITE);
+if ((flags & CAPH_LOOKUP) != 0)
+cap_rights_set(&rights, CAP_LOOKUP);
 if (cap_rights_limit(fd, &rights) < 0 && errno != ENOSYS) {
 if (errno == EBADF && (flags & CAPH_IGNORE_EBADF) != 0)
-- 
cgit v1.2.3
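Review bot: `CAPH_LOOKUP` is added to the flag list in the first hunk without a comment saying it is meant for directory descriptors, so `caph_limit_stream()` now serves two different purposes under one name with nothing at the definition to tell callers which flags belong together. As I understand Capsicum, a descriptor opened relative to a rights-limited directory gets rights no wider than the directory's own, so the `CAP_LOOKUP` branch in the second hunk is only useful when combined with `CAPH_READ` and/or `CAPH_WRITE`, and whatever the caller passes there bounds every file later opened beneath that directory. I would add above the define `/* fd is a directory used only for relative (openat-style) opens; combine with CAPH_READ/CAPH_WRITE, which also bound the rights of files opened under it */`. The function body starts and ends outside the hunk, so whether the ioctl and fcntl limits it applies afterwards are appropriate for a directory descriptor cannot be checked from here.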