suser, suser_cred -- check if process has superuser privilege
#include <sys/param.h>
#include <sys/systm.h>
int
suser(struct thread *td);
int
suser_cred(struct ucred *cred, int flag);
The suser and suser_cred functions check if the credentials given include
superuser powers.
The suser function is the most common, and should be used unless special
circumstances dictate otherwise.
The suser_cred function should be used when the credentials to be checked
are not the thread's own, when there is no thread, or when superuser powers
should be extended to imprisoned roots.
By default a process does not command superuser powers if it has been
imprisoned by the jail(2) system call. There are cases however where
this is appropriate, and this can be done by setting the PRISON_ROOT bit
in the flags argument to the suser_cred function. It is important to
review carefully in each case that this does not weaken the prison. Generally
only where the action is protected by the chroot(2) implicit in
jail(2) call should such powers be granted.
The suser and suser_cred functions note the fact that superuser powers
have been used in the process structure of the process specified.
Because part of their function is to notice whether superuser powers have
been used, the functions should only be called after other permission
possibilities have been exhausted.
The suser and suser_cred functions return 0 if the user has superuser
powers and EPERM otherwise. This is the reverse logic of some other
implementations of suser in which a TRUE response indicates superuser
powers.
chroot(2), jail(2)
FreeBSD 5.2.1 October 15, 1996 FreeBSD 5.2.1 [ Back ] | 