GSP
Quick Navigator

Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Support
Contact Us
Online Help
Handbooks
Domain Status
Man Pages

FAQ
Virtual Servers
Pricing
Billing
Technical

Network
Facilities
Connectivity
Topology Map

Miscellaneous
Server Agreement
Year 2038
Credits
 

USA Flag

 

 

Man Pages


Manual Reference Pages  -  _SECURE_PATH (3)

NAME

_secure_path - determine if a file appears to be secure

CONTENTS

Library
Synopsis
Description
Return Values
See Also
History
Bugs

LIBRARY


.Lb libutil

SYNOPSIS


.In sys/types.h
.In libutil.h int _secure_path const char *path uid_t uid gid_t gid

DESCRIPTION

This function does some basic security checking on a given path. It is intended to be used by processes running with root privileges in order to decide whether or not to trust the contents of a given file. It uses a method often used to detect system compromise.

A file is considered 'secure' if it meets the following conditions:

  1. The file exists, and is a regular file (not a symlink, device special or named pipe, etc.),
  2. Is not world writable.
  3. Is owned by the given uid or uid 0, if uid is not -1,
  4. Is not group writable or it has group ownership by the given gid, if gid is not -1.

RETURN VALUES

This function returns zero if the file exists and may be considered secure, -2 if the file does not exist, and -1 otherwise to indicate a security failure. The syslog(3) function is used to log any failure of this function, including the reason, at LOG_ERR priority.

SEE ALSO

lstat(2), syslog(3)

HISTORY

Code from which this function was derived was contributed to the
.Fx project by Berkeley Software Design, Inc.

BUGS

The checks carried out are rudimentary and no attempt is made to eliminate race conditions between use of this function and access to the file referenced.
Search for    or go to Top of page |  Section 3 |  Main Index


Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with manServer 1.07.