net » xrootd » src » xrootd » src » XrdSys

XrdSysPriv.hh

Go to the documentation of this file.
00001 #ifndef __SYS_PRIV_H__
00002 #define __SYS_PRIV_H__
00003 /******************************************************************************/
00004 /*                                                                            */
00005 /*                     X r d S y s P r i v . h h                              */
00006 /*                                                                            */
00007 /* (c) 2006 G. Ganis (CERN)                                                   */
00008 /*     All Rights Reserved. See XrdInfo.cc for complete License Terms         */
00009 /******************************************************************************/
00010 // $Id: XrdSysPriv.hh 25932 2008-10-23 10:58:11Z ganis $
00011 
00012 //////////////////////////////////////////////////////////////////////////
00013 //                                                                      //
00014 // XrdSysPriv                                                           //
00015 //                                                                      //
00016 // Author: G. Ganis, CERN, 2006                                         //
00017 //                                                                      //
00018 // Implementation of a privileges handling API following the paper      //
00019 //   "Setuid Demystified" by H.Chen, D.Wagner, D.Dean                   //
00020 // also quoted in "Secure programming Cookbook" by J.Viega & M.Messier. //
00021 //                                                                      //
00022 // NB: this class can only used via XrdSysPrivGuard (see below)         //
00023 //                                                                      //
00024 //////////////////////////////////////////////////////////////////////////
00025 
00026 #if !defined(WINDOWS)
00027 #  include <sys/types.h>
00028 #else
00029 #  define uid_t unsigned int
00030 #  define gid_t unsigned int
00031 #endif
00032 
00033 #include "XrdSys/XrdSysPthread.hh"
00034 
00035 class XrdSysPriv
00036 {
00037  friend class XrdSysPrivGuard;
00038  private:
00039    // Ownership cannot be changed by thread, so there must be an overall
00040    // locking
00041    static XrdSysRecMutex fgMutex;
00042 
00043    XrdSysPriv();
00044 
00045    static bool fDebug;
00046 
00047    static int ChangeTo(uid_t uid, gid_t gid);
00048    static void DumpUGID(const char *msg = 0);
00049    static int Restore(bool saved = 1);
00050 
00051  public:
00052    virtual ~XrdSysPriv() { }
00053    static int ChangePerm(uid_t uid, gid_t gid);
00054 };
00055 
00056 //
00057 // Guard class;
00058 // Usage:
00059 //
00060 //    {  XrdSysPrivGuard priv(tempuid);
00061 //
00062 //       // Work as tempuid (maybe superuser)
00063 //       ...
00064 //
00065 //    }
00066 //
00067 class XrdSysPrivGuard
00068 {
00069  public:
00070    XrdSysPrivGuard(uid_t uid, gid_t gid);
00071    XrdSysPrivGuard(const char *user);
00072    virtual ~XrdSysPrivGuard();
00073    bool Valid() const { return valid; }
00074  private:
00075    bool dum;
00076    bool valid;
00077    void Init(uid_t uid, gid_t gid);
00078 };
00079 
00080 #endif
Generated on Tue Jul 5 14:47:03 2011 for ROOT_528-00b_version by  doxygen 1.5.1