Museum

Home

Lab Overview

Retrotechnology Articles

Online Manuals

⇒ discr(S) — OpenDesktop Software Development System 1.0.0d

Media Vault

Software Library

Restoration Projects

Artifacts Sought



     DISCR(S)                  UNIX System V                  DISCR(S)



     Name
          discr - check discretionary attributes of files and programs

     Syntax
          #include <sys/types.h>
          #include <sys/security.h>
          #include <sys/audit.h>
          #include <prot.h>

          int privileged_user ();

          void setuid_least_privilege (cmd)
          char *cmd;

          void ensure_e_ids (cmd)
          char *cmd;

          void ensure_discr_file (cmd, path)
          char *cmd;
          char *path;

          int get_discr_file (path, attrs)
          char *path;
          struct discr_attr *attrs;

          int discr_check_file (path)
          char *path;

     Description
          These routines provide a means to check the discretionary
          attributes of programs and files against the values kept in
          the authentication database.  They make use of the
          ``discr_attr'' structure in <prot.h> defined as:

               struct discr_attr  {
                       unsigned short da_owner;
                       unsigned short da_group;
                       unsigned short da_mode;
                       short da_wc_owner;
                       short da_wc_group;
               };

          The da_owner, da_group, and da_mode are the same as their
          counterparts found in stat(S).  The da_wc_owner
          (da_wc_group) flag is 1 when the database specifies a wild-
          card ('*') for the owner (group) of the file.  In this case,
          the da_owner (da_group) is to be ignored and any owner
          (group) will satisfy the requirements of the database.  When
          the flag is 0, the wild-card is not in effect and the
          da_owner (da_group) value is to be believed.

          privileged_user returns 0 if the user does not have special
          privileges associated with the program and returns 1 if the
          user has special privileges.  This boolean routine can be
          used to determine how much information needs to be presented
          to the user or what types of options the user has to the
          program.

          setuid_least_privilege is used to reset effective UID and/or
          GID values to those of their real counterparts.  It is used
          after all the activities required of the setuid effective
          permissions (e.g., open files, create files, signal users)
          has been accomplished.  By closing down the extra
          privilege(s) granted by the effective IDs, the principle of
          "least privilege" is aided if not met totally.

          ensure_discr_file checks the path as it exists now in the
          file system against the discretionary values (owner, group,
          mode) in the authentication database.  If the requirements
          of the database are not met, the cmd program is first
          audited and then exited.

          get_discr_file returns the discretionary attributes of a
          file as stored in the authentication database.  These values
          may not be the same as those stored with the actual file.

          discr_check_file performs discretionary checking on the file
          designated by path and returns its results.  If the result
          is 0, the file matches the settings in the authentication
          database exactly.  If the result is positive, the file does
          not meet the requirements of the authentication database.
          If the result is negative, the file exceeds the minimum
          requirements of the authentication database (e.g., the mode
          on disk is more restrictive than that specified in the
          database).

     Notes
          These routines only work as advertised when
          set_auth_parameters from identity(S) is called as the first
          item in main().

     Files
          /tcb/files/auth/*/*

     See Also
          stat(S), authcap(S), identity(S), authaudit(S)

     Value Added
          discr is an extension of AT&T System V provided by the Santa
          Cruz Operation.







                                             (printed 6/20/89)



Typewritten Software • bear@typewritten.org • Edmonds, WA 98026