summaryrefslogtreecommitdiff
path: root/Libraries/LibC/unistd.h
diff options
context:
space:
mode:
authorAndreas Kling <kling@serenityos.org>2020-01-20 22:12:04 +0100
committerAndreas Kling <kling@serenityos.org>2020-01-20 22:12:04 +0100
commit0569123ad7cb9c54df724c2bb85933ea3cf97134 (patch)
treecc06872dabb3d1cb4ba530d7a131e5c579f5f8dd /Libraries/LibC/unistd.h
parente711936c781b5941c323d8433ab5a141d0cccbd4 (diff)
downloadserenity-0569123ad7cb9c54df724c2bb85933ea3cf97134.zip
Kernel: Add a basic implementation of unveil()
This syscall is a complement to pledge() and adds the same sort of incremental relinquishing of capabilities for filesystem access. The first call to unveil() will "drop a veil" on the process, and from now on, only unveiled parts of the filesystem are visible to it. Each call to unveil() specifies a path to either a directory or a file along with permissions for that path. The permissions are a combination of the following: - r: Read access (like the "rpath" promise) - w: Write access (like the "wpath" promise) - x: Execute access - c: Create/remove access (like the "cpath" promise) Attempts to open a path that has not been unveiled with fail with ENOENT. If the unveiled path lacks sufficient permissions, it will fail with EACCES. Like pledge(), subsequent calls to unveil() with the same path can only remove permissions, not add them. Once you call unveil(nullptr, nullptr), the veil is locked, and it's no longer possible to unveil any more paths for the process, ever. This concept comes from OpenBSD, and their implementation does various things differently, I'm sure. This is just a first implementation for SerenityOS, and we'll keep improving on it as we go. :^)
Diffstat (limited to 'Libraries/LibC/unistd.h')
-rw-r--r--Libraries/LibC/unistd.h1
1 files changed, 1 insertions, 0 deletions
diff --git a/Libraries/LibC/unistd.h b/Libraries/LibC/unistd.h
index ab51bf1769..935392c01c 100644
--- a/Libraries/LibC/unistd.h
+++ b/Libraries/LibC/unistd.h
@@ -141,6 +141,7 @@ int reboot();
int mount(const char* source, const char* target, const char* fs_type, int flags);
int umount(const char* mountpoint);
int pledge(const char* promises, const char* execpromises);
+int unveil(const char* path, const char* permissions);
enum {
_PC_NAME_MAX,