Manual Reference Pages - _SECURE_PATH (3)
- determine if a file appears to be secure
_secure_path const char *path uid_t uid gid_t gid
This function does some basic security checking on a given path.
It is intended to be used by processes running with root privileges
in order to decide whether or not to trust the contents of a given
It uses a method often used to detect system compromise.
A file is considered
if it meets the following conditions:
- The file exists, and is a regular file (not a symlink, device
special or named pipe, etc.),
- Is not world writable.
- Is owned by the given uid or uid 0, if uid is not -1,
- Is not group writable or it has group ownership by the given
gid, if gid is not -1.
This function returns zero if the file exists and may be
considered secure, -2 if the file does not exist, and
-1 otherwise to indicate a security failure.
function is used to log any failure of this function, including the
reason, at LOG_ERR priority.
Code from which this function was derived was contributed to the
project by Berkeley Software Design, Inc.
The checks carried out are rudimentary and no attempt is made
to eliminate race conditions between use of this function and
access to the file referenced.
Visit the GSP FreeBSD Man Page Interface.
Output converted with manServer 1.07.