Date:      Fri, 16 Dec 2016 01:37:44 +0000 (UTC)
From:      "Conrad E. Meyer" <cem@FreeBSD.org>
To:        src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Subject:   svn commit: r310135 - head/lib/libcapsicum
Message-ID:  <201612160137.uBG1biQ5012691@repo.freebsd.org>

Author: cem
Date: Fri Dec 16 01:37:44 2016
New Revision: 310135
URL: https://svnweb.freebsd.org/changeset/base/310135

Log:
  capsicum_helpers: Add LOOKUP flag
  
  Add a helper routine for opening a directory that is restricted to being
  used for opening relative files as stdio streams.
  
  I think this will really help basic adaptation of multi-file programs to
  Capsicum. Rather than having each program initialize a rights object and
  ioctl/fcntl arrays for their root fd for relative opens, consolidate in the
  logical place.
  
  Reviewed by:	oshogbo@
  Sponsored by:	Dell EMC Isilon
  Differential Revision:	https://reviews.freebsd.org/D8743

Modified:
  head/lib/libcapsicum/capsicum_helpers.h

Modified: head/lib/libcapsicum/capsicum_helpers.h
==============================================================================
--- head/lib/libcapsicum/capsicum_helpers.h	Fri Dec 16 01:14:00 2016	(r310134)
+++ head/lib/libcapsicum/capsicum_helpers.h	Fri Dec 16 01:37:44 2016	(r310135)
@@ -41,6 +41,7 @@
 #define	CAPH_IGNORE_EBADF	0x0001
 #define	CAPH_READ		0x0002
 #define	CAPH_WRITE		0x0004
+#define	CAPH_LOOKUP		0x0008
 
 static __inline int
 caph_limit_stream(int fd, int flags)
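Review bot: the new `#define CAPH_LOOKUP 0x0008` carries no comment saying which kind of descriptor it is meant for, and the only file listed under Modified is capsicum_helpers.h, so no documentation change accompanies the flag. It sits beside CAPH_READ and CAPH_WRITE as an option to caph_limit_stream(), whose name suggests stdio streams, while the log message describes a directory used for relative opens. A short comment above the define stating that it applies to a directory descriptor used as the base for relative opens, plus a matching documentation update, would keep callers from guessing.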
@@ -54,6 +55,8 @@ caph_limit_stream(int fd, int flags)
 		cap_rights_set(&rights, CAP_READ);
 	if ((flags & CAPH_WRITE) != 0)
 		cap_rights_set(&rights, CAP_WRITE);
+	if ((flags & CAPH_LOOKUP) != 0)
+		cap_rights_set(&rights, CAP_LOOKUP);
 
 	if (cap_rights_limit(fd, &rights) < 0 && errno != ENOSYS) {
 		if (errno == EBADF && (flags & CAPH_IGNORE_EBADF) != 0)
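Review bot: the added `if ((flags & CAPH_LOOKUP) != 0)` branch sets CAP_LOOKUP independently of the CAPH_READ and CAPH_WRITE branches above it, so a caller passing CAPH_LOOKUP alone ends up with a directory descriptor that has lookup rights but neither CAP_READ nor CAP_WRITE. Because a file opened relative to a limited directory descriptor cannot carry more rights than that descriptor, the log message's goal of opening relative files as stdio streams depends on the caller also passing CAPH_READ and/or CAPH_WRITE. Please document the expected combinations (for example `CAPH_LOOKUP | CAPH_READ`) next to the flag, or state explicitly that CAPH_LOOKUP on its own is a supported use.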


