Mercurial > dovecot > original-hg > dovecot-1.2
view src/lib/restrict-access.h @ 9658:8ba4253adc9b HEAD tip
*-login: SSL connections didn't get closed when the client got destroyed.
author | Timo Sirainen <tss@iki.fi> |
---|---|
date | Thu, 08 May 2014 16:41:29 +0300 |
parents | c002187195bd |
children |
line wrap: on
line source
#ifndef RESTRICT_ACCESS_H #define RESTRICT_ACCESS_H /* set environment variables so they can be read with restrict_access_by_env(). If privileged_gid != (gid_t)-1, the privileged GID can be temporarily enabled/disabled. */ void restrict_access_set_env(const char *user, uid_t uid, gid_t gid, gid_t privileged_gid, const char *chroot_dir, gid_t first_valid_gid, gid_t last_valid_gid, const char *extra_groups); /* chroot, setuid() and setgid() based on environment variables. If disallow_roots is TRUE, we'll kill ourself if we didn't have the environment settings and we have root uid or gid. */ void restrict_access_by_env(bool disallow_root); /* Try to set up the process in a way that core dumps are still allowed after calling restrict_access_by_env(). */ void restrict_access_allow_coredumps(bool allow); /* If privileged_gid was set, these functions can be used to temporarily gain access to the group. */ int restrict_access_use_priv_gid(void); void restrict_access_drop_priv_gid(void); /* Returns TRUE if privileged GID exists for this process. */ bool restrict_access_have_priv_gid(void); gid_t *restrict_get_groups_list(unsigned int *gid_count_r); #endif