Security.h 1.9 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768
  1. /* vim: set expandtab ts=4 sw=4: */
  2. /*
  3. * You may redistribute this program and/or modify it under the terms of
  4. * the GNU General Public License as published by the Free Software Foundation,
  5. * either version 3 of the License, or (at your option) any later version.
  6. *
  7. * This program is distributed in the hope that it will be useful,
  8. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  9. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  10. * GNU General Public License for more details.
  11. *
  12. * You should have received a copy of the GNU General Public License
  13. * along with this program. If not, see <https://www.gnu.org/licenses/>.
  14. */
  15. #ifndef Security_H
  16. #define Security_H
  17. #include "benc/Dict.h"
  18. #include "memory/Allocator.h"
  19. #include "exception/Er.h"
  20. #include "util/log/Log.h"
  21. #include "util/events/EventBase.h"
  22. #include "util/Linker.h"
  23. #ifdef win32
  24. Linker_require("util/Security_win32.c")
  25. #else
  26. Linker_require("util/Security.c")
  27. #endif
  28. #include <stdint.h>
  29. #include <stdbool.h>
  30. struct Security_Permissions
  31. {
  32. int noOpenFiles;
  33. int seccompExists;
  34. int seccompEnforcing;
  35. int uid;
  36. };
  37. struct Security
  38. {
  39. bool setupComplete;
  40. };
  41. Er_DEFUN(void Security_setUser(int uid,
  42. int gid,
  43. bool keepNetAdmin,
  44. struct Log* logger,
  45. struct Allocator* alloc));
  46. Er_DEFUN(void Security_nofiles(struct Allocator* errAlloc));
  47. Er_DEFUN(void Security_noforks(struct Allocator* errAlloc));
  48. Er_DEFUN(void Security_chroot(char* root, struct Allocator* errAlloc));
  49. Er_DEFUN(void Security_seccomp(struct Allocator* tempAlloc, struct Log* logger));
  50. void Security_setupComplete(struct Security* security);
  51. struct Security* Security_new(struct Allocator* alloc, struct Log* log, struct EventBase* base);
  52. Dict* Security_getUser(char* userName, struct Allocator* retAlloc);
  53. Er_DEFUN(struct Security_Permissions* Security_checkPermissions(struct Allocator* alloc));
  54. #endif