OPENPAM_BORROW_CRED(3) | Library Functions Manual | OPENPAM_BORROW_CRED(3) |
openpam_borrow_cred
—
temporarily borrow user credentials
Pluggable Authentication Module Library (libpam, -lpam)
#include
<sys/types.h>
#include <security/pam_appl.h>
#include
<security/openpam.h>
int
openpam_borrow_cred
(pam_handle_t
*pamh, const struct
passwd *pwd);
The openpam_borrow_cred
function saves the
current credentials and switches to those of the user specified by its
pwd argument. The affected credentials are the
effective UID, the effective GID, and the group access list. The original
credentials can be restored using
openpam_restore_cred(3).
The openpam_borrow_cred
function returns
one of the following values:
PAM_BUF_ERR
]PAM_PERM_DENIED
]PAM_SYSTEM_ERR
]setegid(2), seteuid(2), setgroups(2), openpam_restore_cred(3), pam(3), pam_strerror(3)
The openpam_borrow_cred
function is an
OpenPAM extension.
The openpam_borrow_cred
function and this
manual page were developed for the FreeBSD Project
by ThinkSec AS and Network Associates Laboratories, the Security Research
Division of Network Associates, Inc. under DARPA/SPAWAR contract
N66001-01-C-8035 (“CBOSS”), as part of the DARPA CHATS
research program.
December 21, 2007 | Mac OS X 12 |