Museum

Home

Lab Overview

Retrotechnology Articles

Online Manuals

⇒ dg_access(2) — DG/UX R4.11MU05

Media Vault

Software Library

Restoration Projects

Artifacts Sought

Related Articles

access(2)



dg_access(2)             DG/UX B2 Security R4.12MU02            dg_access(2)


NAME
       dgaccess - check the access rights of a subject to an object.


SYNOPSIS
       #include <sys/types.h>
       #include <sys/dgtparms.h>
       #include <sys/dgaccess.h>

       int  dg_access(pid, targ_type, targ, intent, attr_p)
              pid_t               pid;
              int            targ_type;
              void           *targ;
              dg_access_type      intent;
              dg_attr_descriptor_type  *attr_p;

       where:
       pid         The process ID of a process on whose behalf an access
                   check is to be made. The attributes of this process will
                   be used to evaluate access to the object targ. As a
                   special case, when pid is 0 the calling process is
                   assumed.

       targtype   A token that identifies the type of object identified by
                   targ.  The available tokens are defined in
                   sys/dgtparms.h, as follows:


                   TFILE    The object is a file identified by a pathname
                             pointed to by targ.

                   TFIFO    The object is a fifo or pipe. This class of
                             object is different from files in that reads
                             are destructive (the size of the object is
                             reduced by the number of bytes read.)  Note
                             that a TFILE or TFD type that references a
                             fifo or pipe (named via fattach) will be
                             treated as a TFIFO type.

                   TFD      The object is a file, pipe, or socket
                             identified by a file descriptor pointed to by
                             targ.

                   TPROC    The object is a process identified by a process
                             ID pointed to by targ.  By convention, process
                             ID 0 refers to the calling process.

                   TMSG     The object is a message queue identified by a
                             message queue ID pointed to by targ.

                   TSHM     The object is a shared memory region identified
                             by a shared memory ID pointed to by targ.

                   TSEM     The object is a semaphore identified by a
                             semaphore ID pointed to by targ.

                   TSYMLINK The object is a symbolic link identified by a
                             pathname. The access check will be made on the
                             file named by the pathname pointed to by targ
                             and not the target of the symbolic link.

       targ        The address of the identifier of the object to which
                   access is to be checked.  The value of targtype
                   determines the type of entity that targ points to, as
                   described above.

       intent      The type of access check being requested. This parameter
                   is any combination (logical OR) of one or more of the
                   following values defined in sys/dgaccess.h:

                   DGACEXIST Check whether the object exists and is
                               visible to the process, pid.

                   DGACREAD  Check for read access to the data contained
                               in the object.

                   DGACWRITE Check for write access to the data contained
                               in the object.

                   DGACEXECUTE
                               Check for execute access. This request is
                               valid only when the object is a regular file
                               and is therefore mutually exclusive with
                               DGACSEARCH.

                   DGACSEARCH
                               Check for search access. This request is
                               valid only when the object is a directory
                               file and is therefore mutually exclusive with
                               DGACEXECUTE.

                   DGACATTRSET
                               Check for write access to the object's
                               attributes.  This option determines whether
                               the process, pid, can access the object to
                               change an attribute of the object.  The type
                               and value of the attribute are given in *
                               attrp.  Note that in cases where the right
                               to change a particular attribute allows any
                               value of that attribute to be set, only the
                               type is needed in attrp, and the attribute
                               pointer must be set to NULL.  Access to data
                               contained in an object is determined by
                               different access checks than is used to
                               determine access to the attributes of the
                               object.  Therefore this check may produce
                               different results than DGACWRITE, even when
                               performed for the same object and subject.

                   DGACATTRGET
                               Check for read access to the object's
                               attributes.  Since the access checks for
                               reading the object's data are different than
                               for reading attributes, this test may produce
                               different results than DGACREAD, even when
                               performed for the same object and subject.
                   The access types DGACEXECUTE and DGACSEARCH are
                   mutually exclusive.

       attrp    A pointer to a structure that identifies the type and,
                 optionally, the value of the attribute referred to when
                 DGACATTRSET or DGACATTRGET is enabled in intent.
                 This call will fail when either DGACATTRSET or
                 DGACATTRGET is enabled in intent and a type isn't given
                 or is invalid.  The attribute types are defined in
                 sys/dgaccess.h.

DESCRIPTION
       The dgaccess system call invokes the Reference Monitor to determine
       whether a process, pid, has the access rights to the object targ; as
       specified by the intent parameter.

       For the DGACATTRSET queries that specify attributes for which
       appropriate privilege is required, the privilege check will be made
       in addition to the access check performed by the reference monitor.

ACCESS CONTROL
       When MAC is configured, the calling process must have MAC read access
       to the process identified by pid and to the object * targ; or the
       caller must have appropriate privilege.

       For systems supporting the DG/UX Capability Option, appropriate
       privilege is defined as having one or more specific capabilities
       enabled in the effective capability set of the calling process.  See
       capdefaults(5) for the default capability for this system call.  On
       systems without the DG/UX Capability Option, appropriate privilege
       means that the process has an effective UID of 0.

RETURN VALUE
       1      The call completed successfully, but only because the caller
              has appropriate privilege.

       0      The call completed successfully and the caller did not need,
              or use, privilege.

       -1     An error occurred.  errno is set to indicate the error.

ERRORS
       errno may be set to one of the following error codes:

       EACCES        The caller does not have read access to the process pid
                     and/or the object, * objp.

       EACCES        The process, pid, does not have an access right
                     specified in intent to target object.

       ESRCH         The target type is TPROC and the process does not
                     exist or the caller does not have MAC read access to
                     the object.

       EPERM         The process, pid, does not have appropriate privilege
                     to set the specified attribute.

       ENOENT        The object does not exist or the caller does not have
                     MAC read access to the object.

       ENAMETOOLONG  targtype is TFILE and a component of the pathname
                     pointed at by targ exceeds the length limit for file
                     names, or the total filename is too long.

       EFAULT        The parameter targ points to an area of memory not
                     accessible to the calling process.

       ENOMEM        The operating system was unable to allocate sufficient
                     internal memory to process the system call.

       EINVAL        One or more parameter(s) is/are set to an invalid
                     value, or DGACATTRSET or DGACATTRGET is enabled
                     in intent and attrp is NULL or does not contain a
                     valid attribute type.

SEE ALSO
       dgrefmon(2), access(2), and capdefaults(5).



Licensed material--property of copyright holder(s)

Typewritten Software • bear@typewritten.org • Edmonds, WA 98026