
cap_rights_limit — limit capability rights

Authors

       This function was created by Pawel Jakub Dawidek <pawel@dawidek.net> under sponsorship of the FreeBSD
       Foundation.

Debian                                             May 5, 2020                               CAP_RIGHTS_LIMIT(2)

Description

       When a file descriptor is created by a function such as accept(2), accept4(2), fhopen(2), kqueue(2),
       mq_open(2), open(2), openat(2), pdfork(2), pipe(2), shm_open(2), socket(2) or socketpair(2), it is
       assigned all capability rights.  Those rights can be reduced (but never expanded) by using the
       cap_rights_limit() system call.  Once capability rights are reduced, operations on the file descriptor
       will be limited to those permitted by rights.

       The rights argument should be prepared using the cap_rights_init(3) family of functions.

       Capability rights assigned to a file descriptor can be obtained with the cap_rights_get(3) function.

       The complete list of the capability rights can be found in the rights(4) manual page.

Errors

       cap_rights_limit() succeeds unless:

       [EBADF]            The fd argument is not a valid active descriptor.

       [EINVAL]           An invalid right has been requested in rights.

       [ENOTCAPABLE]      The rights argument contains capability rights not present for the given file
                          descriptor.  Capability rights list can only be reduced, never expanded.

Examples

       The following example demonstrates how to limit file descriptor capability rights to allow reading only.

       #include <sys/capsicum.h>

       #include <err.h>
       #include <fcntl.h>
       #include <unistd.h>

       int
       main(void)
       {
               cap_rights_t setrights;
               char buf[1];
               int fd;

               /* Open the file before entering capability mode; open(2) is unavailable afterwards. */
               fd = open("/tmp/foo", O_RDWR);
               if (fd < 0)
                       err(1, "open() failed");

               if (cap_enter() < 0)
                       err(1, "cap_enter() failed");

               /* Reduce the descriptor from all rights down to CAP_READ only. */
               cap_rights_init(&setrights, CAP_READ);
               if (cap_rights_limit(fd, &setrights) < 0)
                       err(1, "cap_rights_limit() failed");

               buf[0] = 'X';

               /* write(2) requires CAP_WRITE, which was dropped, so it must fail now. */
               if (write(fd, buf, sizeof(buf)) > 0)
                       errx(1, "write() succeeded!");

               /* read(2) only requires CAP_READ, which was retained. */
               if (read(fd, buf, sizeof(buf)) < 0)
                       err(1, "read() failed");

               return (0);
       }

History

       The cap_rights_limit() function first appeared in FreeBSD 8.3.  Support for capabilities and capabilities
       mode was developed as part of the TrustedBSD Project.

Library

       Standard C Library (libc, -lc)

Name

       cap_rights_limit — limit capability rights

Return Values

       Upon successful completion, the value 0 is returned; otherwise the value -1 is returned and the global
       variable errno is set to indicate the error.

See Also

       accept(2), accept4(2), cap_enter(2), fhopen(2), kqueue(2), mq_open(2), open(2), openat(2), pdfork(2),
       pipe(2), read(2), shm_open(2), socket(2), socketpair(2), write(2), cap_rights_get(3), cap_rights_init(3),
       err(3), capsicum(4), rights(4)

Synopsis

       #include <sys/capsicum.h>

       int
       cap_rights_limit(int fd, const cap_rights_t *rights);
