blocxx
BLOCXX_NAMESPACE::Secure Namespace Reference

Classes

class  ProcessAbortException
 Secure::ProcessAbortException should be caught only at the top level of the program. More...
 

Enumerations

enum  EChildGroupAction { E_NO_EXTENDED_GROUPS = 0 , E_SOURCE_EXTENDED_GROUPS }
 

Functions

void dropPrivilegesPermanently (::uid_t newuid, ::gid_t newgid, EChildGroupAction extendedGroupAction)
 
StringArray minimalEnvironment ()
 
void runAs (char const *username, EChildGroupAction extendedGroupAction=E_SOURCE_EXTENDED_GROUPS)
 Look up user ID and group ID for username in password file, chdir to "/", then drop privileges and run with that user ID and group ID.
 
BLOCXX_COMMON_API void dropPrivilegesPermanently (uid_t newuid, gid_t newgid, EChildGroupAction extendedGroupAction)
 Changes both the effective and actual user ID to newuid, and the effective and actual group IDs to newgid, clearing out all of root's auxiliary groups.
 

Enumeration Type Documentation

◆ EChildGroupAction

Enumerator
E_NO_EXTENDED_GROUPS 
E_SOURCE_EXTENDED_GROUPS 

Definition at line 48 of file Secure.hpp.

Function Documentation

◆ dropPrivilegesPermanently() [1/2]

void BLOCXX_NAMESPACE::Secure::dropPrivilegesPermanently ( ::uid_t newuid, ::gid_t newgid, EChildGroupAction extendedGroupAction )

Definition at line 137 of file Secure.cpp.

References ABORT_ERRNO_IF, ABORT_IF, and E_SOURCE_EXTENDED_GROUPS.

Referenced by runAs().

◆ dropPrivilegesPermanently() [2/2]

BLOCXX_COMMON_API void BLOCXX_NAMESPACE::Secure::dropPrivilegesPermanently ( uid_t newuid, gid_t newgid, EChildGroupAction extendedGroupAction )

Changes both the effective and actual user ID to newuid, and the effective and actual group IDs to newgid, clearing out all of root's auxiliary groups.

If newuid == -1, defaults to the actual user ID. If newgid == -1, defaults to the actual group ID.

The extendedGroupAction parameter controls whether or not the new user's auxiliary groups are sourced.

Precondition
Currently running as root (both uid and euid).

◆ minimalEnvironment()

BLOCXX_COMMON_API StringArray BLOCXX_NAMESPACE::Secure::minimalEnvironment ( )

Returns
A minimal environment appropriate for the platform.

Definition at line 360 of file Secure.cpp.

◆ runAs()

BLOCXX_COMMON_API void BLOCXX_NAMESPACE::Secure::runAs ( char const * username, EChildGroupAction extendedGroupAction = E_SOURCE_EXTENDED_GROUPS )

Look up user ID and group ID for username in password file, chdir to "/", then drop privileges and run with that user ID and group ID.

The extendedGroupAction parameter determines whether the process's extended (auxiliary) groups are initialized for the new user, or whether it runs with only its primary group.

Precondition
Currently running as root (both uid and euid).

Definition at line 365 of file Secure.cpp.

References ABORT_ERRNO_IF, ABORT_IF, and dropPrivilegesPermanently().
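The sequence that the dropPrivilegesPermanently() and runAs() entries above describe, as an added stand-alone example that is not blocxx's own code: the -1 defaults, the group sourcing controlled by the action enum, the chdir to "/" and the post-drop verification follow the documented contract, while the function names, the errno return convention (the library aborts instead) and the default user "nobody" are assumptions of this example.

```cpp
#include <cerrno>
#include <cstdio>
#include <grp.h>
#include <pwd.h>
#include <unistd.h>
enum ChildGroupAction { NO_EXTENDED_GROUPS = 0, SOURCE_EXTENDED_GROUPS };

// -1 means "keep the current real id", as the documentation above states.
uid_t resolveUid(uid_t newuid) { return newuid == (uid_t)-1 ? getuid() : newuid; }
gid_t resolveGid(gid_t newgid) { return newgid == (gid_t)-1 ? getgid() : newgid; }

// True when both the real and the effective ids equal the target ids.
bool privilegesAre(uid_t uid, gid_t gid) {
    return getuid() == uid && geteuid() == uid && getgid() == gid && getegid() == gid;
}

// Returns 0 on success, otherwise the errno of the failing step (assumed convention).
int dropPrivilegesPermanently(uid_t newuid, gid_t newgid, ChildGroupAction action) {
    uid_t uid = resolveUid(newuid);
    gid_t gid = resolveGid(newgid);
    // Group changes need root, so they must happen before setuid().
    if (action == SOURCE_EXTENDED_GROUPS) {
        passwd *pw = getpwuid(uid);           // sources the new user's auxiliary groups
        if (!pw) return errno ? errno : ENOENT;
        if (initgroups(pw->pw_name, gid) != 0) return errno;
    } else if (setgroups(0, nullptr) != 0) {  // clears root's auxiliary groups
        return errno;
    }
    if (setgid(gid) != 0) return errno;       // real, effective and saved gid
    if (setuid(uid) != 0) return errno;       // real, effective and saved uid
    // Verify the drop took effect and cannot be undone (the library aborts here).
    if (!privilegesAre(uid, gid) || (uid != 0 && setuid(0) == 0)) return EPERM;
    return 0;
}

// Same contract as Secure::runAs(): look the user up, chdir to "/", then drop.
int runAs(const char *username, ChildGroupAction action = SOURCE_EXTENDED_GROUPS) {
    passwd *pw = getpwnam(username);
    if (!pw) return errno ? errno : ENOENT;
    if (chdir("/") != 0) return errno;
    return dropPrivilegesPermanently(pw->pw_uid, pw->pw_gid, action);
}

int main(int argc, char **argv) {
    const char *user = argc > 1 ? argv[1] : "nobody";   // assumed default account
    if (geteuid() != 0) { std::fprintf(stderr, "start as root\n"); return 1; }
    if (int err = runAs(user)) { std::fprintf(stderr, "runAs failed, errno %d\n", err); return 1; }
    std::printf("now uid=%u euid=%u gid=%u\n", (unsigned)getuid(), (unsigned)geteuid(), (unsigned)getgid());
    return 0;
}
```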