|
NAME
LIBRARYStandard C Library (libc, -lc) DESCRIPTIONWhen a file descriptor is created by a function such as
fhopen(2),
kqueue(2),
mq_open(2),
open(2),
pdfork(2),
pipe(2),
shm_open(2),
socket(2) or
socketpair(2), it is assigned all capability rights; for
accept(2),
accept4(2) or
openat(2), it inherits capability rights from the
"parent" file descriptor. Those rights can be reduced (but never
expanded) by using the
The rights argument should be prepared using cap_rights_init(3) family of functions. Capability rights assigned to a file descriptor can be obtained with the cap_rights_get(3) function. The complete list of the capability rights can be found in the rights(4) manual page. RETURN VALUESUpon successful completion, the value 0 is returned; otherwise the value -1 is returned and the global variable errno is set to indicate the error. EXAMPLESThe following example demonstrates how to limit file descriptor capability rights to allow reading only. cap_rights_t setrights;
char buf[1];
int fd;
fd = open("/tmp/foo", O_RDWR);
if (fd < 0)
err(1, "open() failed");
if (cap_enter() < 0)
err(1, "cap_enter() failed");
cap_rights_init(&setrights, CAP_READ);
if (cap_rights_limit(fd, &setrights) < 0)
err(1, "cap_rights_limit() failed");
buf[0] = 'X';
if (write(fd, buf, sizeof(buf)) > 0)
errx(1, "write() succeeded!");
if (read(fd, buf, sizeof(buf)) < 0)
err(1, "read() failed");
ERRORS
SEE ALSOaccept(2), accept4(2), cap_enter(2), fhopen(2), kqueue(2), mq_open(2), open(2), openat(2), pdfork(2), pipe(2), read(2), shm_open(2), socket(2), socketpair(2), write(2), cap_rights_get(3), cap_rights_init(3), err(3), capsicum(4), rights(4) HISTORYThe AUTHORSThis function was created by Pawel Jakub Dawidek <pawel@dawidek.net> under sponsorship of the FreeBSD Foundation.
|