OLD | NEW |
| (Empty) |
1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. | |
2 // Use of this source code is governed by a BSD-style license that can be | |
3 // found in the LICENSE file. | |
4 | |
5 #include "sandbox/linux/services/credentials.h" | |
6 | |
7 #include <stdio.h> | |
8 #include <sys/capability.h> | |
9 | |
10 #include "base/basictypes.h" | |
11 #include "base/logging.h" | |
12 | |
13 namespace { | |
14 | |
15 struct CapFreeDeleter { | |
16 inline void operator()(cap_t cap) const { | |
17 int ret = cap_free(cap); | |
18 CHECK_EQ(0, ret); | |
19 } | |
20 }; | |
21 | |
22 // Wrapper to manage libcap2's cap_t type. | |
23 typedef scoped_ptr<typeof(*((cap_t)0)), CapFreeDeleter> ScopedCap; | |
24 | |
25 struct CapTextFreeDeleter { | |
26 inline void operator()(char* cap_text) const { | |
27 int ret = cap_free(cap_text); | |
28 CHECK_EQ(0, ret); | |
29 } | |
30 }; | |
31 | |
32 // Wrapper to manage the result from libcap2's cap_from_text(). | |
33 typedef scoped_ptr<char, CapTextFreeDeleter> ScopedCapText; | |
34 | |
35 } // namespace. | |
36 | |
37 namespace sandbox { | |
38 | |
39 Credentials::Credentials() { | |
40 } | |
41 | |
42 Credentials::~Credentials() { | |
43 } | |
44 | |
45 void Credentials::DropAllCapabilities() { | |
46 ScopedCap cap(cap_init()); | |
47 CHECK(cap); | |
48 PCHECK(0 == cap_set_proc(cap.get())); | |
49 } | |
50 | |
51 bool Credentials::HasAnyCapability() { | |
52 ScopedCap current_cap(cap_get_proc()); | |
53 CHECK(current_cap); | |
54 ScopedCap empty_cap(cap_init()); | |
55 CHECK(empty_cap); | |
56 return cap_compare(current_cap.get(), empty_cap.get()) != 0; | |
57 } | |
58 | |
59 scoped_ptr<std::string> Credentials::GetCurrentCapString() { | |
60 ScopedCap current_cap(cap_get_proc()); | |
61 CHECK(current_cap); | |
62 ScopedCapText cap_text(cap_to_text(current_cap.get(), NULL)); | |
63 CHECK(cap_text); | |
64 return scoped_ptr<std::string> (new std::string(cap_text.get())); | |
65 } | |
66 | |
67 } // namespace sandbox. | |
OLD | NEW |