Module: BSD::Capsicum

Extended by:

Capsicum

Included in:

Capsicum

Defined in:

lib/bsd/capsicum.rb,
lib/bsd/capsicum/ffi.rb,
lib/bsd/capsicum/version.rb,
lib/bsd/capsicum/constants.rb

Defined Under Namespace

Modules: Constants

Constant Summary

VERSION =

"0.3.0"

Instance Method Summary

• #in_capability_mode? ⇒ Boolean (also: #capability_mode?)

  Check if we’re in capability mode.

• #enter! ⇒ Boolean (also: #enter_capability_mode!)

  Enter a process into capability mode.

• #set_rights!(io, capabilities) ⇒ Boolean

  Limit the capabilities of a file descriptor.

Instance Method Details

#in_capability_mode? ⇒ Boolean Also known as: capability_mode?

Check if we’re in capability mode

Returns:

• (Boolean) —

  Returns true when the current process is in capability mode

Raises:

• (SystemCallError) —

  Might raise a subclass of SystemCallError

See Also:

• cap_getmode(2)

# File 'lib/bsd/capsicum.rb', line 20

def in_capability_mode?
  uintp = Fiddle::Pointer.malloc(Fiddle::SIZEOF_UINT)
  if FFI.cap_getmode(uintp).zero?
    uintp[0, Fiddle::SIZEOF_UINT].unpack("i") == [1]
  else
    raise SystemCallError.new("cap_getmode", Fiddle.last_error)
  end
ensure
  uintp.call_free
end

#enter! ⇒ Boolean Also known as: enter_capability_mode!

Enter a process into capability mode

Returns:

• (Boolean) —

  Returns true when successful

Raises:

• (SystemCallError) —

  Might raise a subclass of SystemCallError

See Also:

• cap_enter(2)

# File 'lib/bsd/capsicum.rb', line 40

def enter!
  FFI.cap_enter.zero? ||
  raise(SystemCallError.new("cap_enter", Fiddle.last_error))
end

#set_rights!(io, capabilities) ⇒ Boolean

Limit the capabilities of a file descriptor

Examples:

# Limit standard output capabilities to read and write
BSD::Capsicum.set_rights!(STDOUT, %i[CAP_READ CAP_WRITE])

Parameters:

• io (#to_i) —

  An IO object

• capabilities (Array<Symbol, Integer>) —

  An allowed set of capabilities

Returns:

• (Boolean) —

  Returns true when successful

Raises:

• (SystemCallError) —

  Might raise a subclass of SystemCallError

See Also:

• cap_rights_limit(2)
• See Constants for a full list of capabilities

# File 'lib/bsd/capsicum.rb', line 62

def set_rights!(io, capabilities)
  rightsp = Fiddle::Pointer.malloc(Constants::SIZEOF_CAP_RIGHTS_T)
  FFI.cap_rights_init(rightsp, *capabilities)
  FFI.cap_rights_limit(io.to_i, rightsp).zero? ||
  raise(SystemCallError.new("cap_rights_limit", Fiddle.last_error))
ensure
  rightsp.call_free
end