source: trunk/include/trustfile.h@ 298

Last change on this file since 298 was 1, checked in by katerina, 19 years ago

Initial import

File size: 3.0 KB
Line 
1/*
2 * This is the header file for the trust function
3 *
4 * Author information:
5 * Matt Bishop
6 * Department of Computer Science
7 * University of California at Davis
8 * Davis, CA 95616-8562
9 * phone (916) 752-8060
10 * email bishop@cs.ucdavis.edu
11 *
12 * This code is placed in the public domain. I do ask that
13 * you keep my name associated with it, that you not represent
14 * it as written by you, and that you preserve these comments.
15 * This software is provided "as is" and without any guarantees
16 * of any sort.
17 */
18/*
19 * trustfile return codes
20 */
21#define TF_ERROR -1 /* can't check -- error */
22#define TF_NO 0 /* file isn't trustworthy */
23#define TF_YES 1 /* file is trustworthy */
24
25/*
26 * error codes
27 */
28#define TF_BADFILE 1 /* file name illegal */
29#define TF_BADNAME 2 /* name not valid (prob. ran out of room) */
30#define TF_BADSTAT 3 /* stat of file failed (see errno for why) */
31#define TF_NOROOM 4 /* not enough allocated space */
32
33/*
34 * untrustworthy codes
35 */
36#define TF_BADUID 10 /* owner nmot trustworthy */
37#define TF_BADGID 11 /* group writeable and member not trustworthy */
38#define TF_BADOTH 12 /* anyone can write it */
39
40/*
41 * the basic constant -- what is the longest path name possible?
42 * It should be at least the max path length as defined by system
43 * + 4 ("/../") + max file name length as defined by system; this
44 * should rarely fail (I rounded it up to 2048)
45 */
46#define MAXFILENAME 2048
47
48/*
49 * function declaration
50 *
51 * #ifdef __STDC__
52 * extern int trustfile(char *, int *, int *);
53 * #else
54 * extern int trustfile();
55 * #endif
56 */
57/*
58 * these are useful global variables
59 *
60 * first set: who you gonna trust, by default?
61 * if the user does not specify a trusted or untrusted set of users,
62 * all users are considered untrusted EXCEPT:
63 * UID 0 -- root as root can do anything on most UNIX systems, this
64 * seems reasonable
65 * tf_euid -- programmer-selectable UID
66 * if the caller specifies a specific UID by putting
67 * it in this variable, it will be trusted; this is
68 * typically used to trust the effective UID of the
69 * process (note: NOT the real UID, which will cause all
70 * sorts of problems!) By default, this is set to -1,
71 * so if it's not set, root is the only trusted user
72 */
73extern uid_t tf_euid; /* space for EUID of process */
74
75/*
76 * second set: how do you report problems?
77 * tf_errno on return when an error has occurred, this is set
78 * to the code indicating the reason for the error:
79 * TF_BADFILE passed NULL for pointer to file name
80 * TF_BADNAME could not expand to full path name
81 * TF_BADSTAT stat failed; usu. file doesn't exist
82 * TF_BADUID owner untrusted
83 * TF_BADGID group untrusted & can write
84 * TF_BADOTH anyone can write
85 * the value is preserved across calls where no error
86 * occurs, just like errno(2)
87 * tf_path if error occurs and a file name is involved, this
88 * contains the file name causing the problem
89 */
90extern char tf_path[MAXFILENAME]; /* error path for trust function */
91
92extern uid_t rootonly[];
93extern int EUIDSLOT;
94
Note: See TracBrowser for help on using the repository browser.