mantic (3) getpidcon_raw.3.gz

Provided by: libselinux1-dev_3.5-1_amd64 bug

NAME

       getcon, getprevcon, getpidcon - get SELinux security context of a process

       freecon, freeconary - free memory associated with SELinux security contexts

       getpeercon - get security context of a peer socket

       setcon - set current security context of a process

SYNOPSIS

       #include <selinux/selinux.h>

       int getcon(char **context);

       int getcon_raw(char **context);

       int getprevcon(char **context);

       int getprevcon_raw(char **context);

       int getpidcon(pid_t pid, char **context);

       int getpidcon_raw(pid_t pid, char **context);

       int getpidprevcon(pid_t pid, char **context);

       int getpidprevcon_raw(pid_t pid, char **context);

       int getpeercon(int fd, char **context);

       int getpeercon_raw(int fd, char **context);

       void freecon(char *con);

       void freeconary(char **con);

       int setcon(const char *context);

       int setcon_raw(const char *context);

DESCRIPTION

       getcon()
              retrieves the context of the current process, which must be free'd with freecon().

       getprevcon()
              same as getcon but gets the context before the last exec.

       getpidcon()
              returns  the  process  context  for  the  specified  PID, which must be free'd with
              freecon().

       getpidprevcon()
              returns the process context before the last exec for the specified PID, which  must
              be free'd with freecon().

       getpeercon()
              retrieves the context of the peer socket, which must be free'd with freecon().

       freecon()
              frees the memory allocated for a security context.

              If con is NULL, no operation is performed.

       freeconary()
              frees the memory allocated for a context array.

              If con is NULL, no operation is performed.

       setcon()
              sets  the current security context of the process to a new value.  Note that use of
              this function requires that the entire  application  be  trusted  to  maintain  any
              desired  separation  between  the  old and new security contexts, unlike exec-based
              transitions performed via setexeccon(3).  When possible, decompose your application
              and use setexeccon(3) and execve(3) instead.

              Since  access  to  file  descriptors  is  revalidated  upon use by SELinux, the new
              context must be explicitly authorized in the policy to use the  descriptors  opened
              by  the  old context if that is desired.  Otherwise, attempts by the process to use
              any existing descriptors (including stdin, stdout, and stderr) after performing the
              setcon() will fail.

              A  multi-threaded  application  can  perform a setcon() prior to creating any child
              threads, in which case all of the child  threads  will  inherit  the  new  context.
              However,  prior to Linux 2.6.28, setcon() would fail if there are any other threads
              running in the same process since this  would  yield  an  inconsistency  among  the
              security  contexts  of  threads sharing the same memory space.  Since Linux 2.6.28,
              setcon() is permitted for threads  within  a  multi-threaded  process  if  the  new
              security context is bounded by the old security context, where the bounded relation
              is defined through typebounds statements in the policy and guarantees that the  new
              security context has a subset of the permissions of the old security context.

              If  the  process  was  being  ptraced at the time of the setcon() operation, ptrace
              permission will be revalidated against the new context and the setcon()  will  fail
              if it is not allowed by policy.

       *_raw()
              getcon_raw(),      getprevcon_raw(),      getpidcon_raw(),     getpidprevcon_raw(),
              getpeercon_raw() and setcon_raw() behave identically to their non-raw  counterparts
              but do not perform context translation.

RETURN VALUE

       On error -1 is returned with errno set.  On success 0 is returned.

NOTES

       The  retrieval  functions  might  return  success  and set *context to NULL if and only if
       SELinux is not enabled.

       Querying a foreign process via its PID, e.g. getpidcon() or getpidprevcon(), is inherently
       racy and therefore should never be relied upon for security purposes.

SEE ALSO

       selinux(8), setexeccon(3)