Add improvements
This commit is contained in:
parent
997115c08e
commit
08cfdd1e81
3 changed files with 21 additions and 13 deletions
|
|
@ -55,15 +55,19 @@ module BSD::Capsicum
|
||||||
# Might raise a subclass of SystemCallError
|
# Might raise a subclass of SystemCallError
|
||||||
# @param [#to_i] io
|
# @param [#to_i] io
|
||||||
# An IO object
|
# An IO object
|
||||||
# @param [Array<String>] rights
|
# @param [Array<String>] capabilities
|
||||||
# An allowed set of capabilities
|
# An allowed set of capabilities
|
||||||
# @return [Boolean]
|
# @return [Boolean]
|
||||||
# Returns true when successful
|
# Returns true when successful
|
||||||
def set_rights!(io, rights)
|
def set_rights!(io, capabilities)
|
||||||
voidp = FFI.cap_rights_init(*rights)
|
rights = Fiddle::Pointer.malloc(Constants::SIZEOF_CAP_RIGHTS_T)
|
||||||
FFI.cap_rights_limit(io.to_i, voidp).zero? ||
|
FFI.cap_rights_init(rights, *capabilities)
|
||||||
raise(SystemCallError.new("cap_rights_limit", Fiddle.last_error))
|
if FFI.cap_rights_limit(io.to_i, rights).zero?
|
||||||
|
true
|
||||||
|
else
|
||||||
|
raise SystemCallError.new("cap_rights_limit", Fiddle.last_error)
|
||||||
|
end
|
||||||
ensure
|
ensure
|
||||||
voidp.call_free
|
rights.call_free
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
|
||||||
|
|
@ -91,5 +91,9 @@ module BSD::Capsicum
|
||||||
CAP_FCHDIR = 0x200000000000800
|
CAP_FCHDIR = 0x200000000000800
|
||||||
CAP_FCNTL = 0x200000000008000
|
CAP_FCNTL = 0x200000000008000
|
||||||
# @endgroup
|
# @endgroup
|
||||||
|
|
||||||
|
# @group Sizes
|
||||||
|
SIZEOF_CAP_RIGHTS_T = 16
|
||||||
|
# @endgroup
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
|
||||||
|
|
@ -47,19 +47,19 @@ module BSD::Capsicum
|
||||||
##
|
##
|
||||||
# Provides a Ruby interface for cap_rights_init(2)
|
# Provides a Ruby interface for cap_rights_init(2)
|
||||||
# @see BSD::Capsicum::Constants See Constants for a full list of capabilities
|
# @see BSD::Capsicum::Constants See Constants for a full list of capabilities
|
||||||
# @param [Array<Integer>] rights
|
# @param [Fiddle::Pointer] rights
|
||||||
# Allowed capabilities
|
# A pointer to initialize the `cap_rights_t` structure
|
||||||
|
# @param [Array<Integer>] capabilities
|
||||||
|
# An allowed set of capabilities
|
||||||
# @return [Fiddle::Pointer]
|
# @return [Fiddle::Pointer]
|
||||||
# Returns a pointer to the structure `cap_rights_t`
|
# Returns a pointer to the structure `cap_rights_t`
|
||||||
def cap_rights_init(*rights)
|
def cap_rights_init(rights, *capabilities)
|
||||||
voidp = Fiddle::Pointer.malloc(Fiddle::SIZEOF_VOIDP)
|
varargs = capabilities.flat_map { [ULONG_LONG, (Symbol === _1) ? Constants.const_get(_1) : _1] }
|
||||||
varargs = rights.flat_map { [ULONG_LONG, (Symbol === _1) ? Constants.const_get(_1) : _1] }
|
|
||||||
Fiddle::Function.new(
|
Fiddle::Function.new(
|
||||||
libc["__cap_rights_init"],
|
libc["__cap_rights_init"],
|
||||||
[INT, VOIDP, VARIADIC],
|
[INT, VOIDP, VARIADIC],
|
||||||
VOIDP
|
VOIDP
|
||||||
).call(CAP_RIGHTS_VERSION, voidp, *varargs)
|
).call(CAP_RIGHTS_VERSION, rights, *varargs)
|
||||||
voidp
|
|
||||||
end
|
end
|
||||||
|
|
||||||
##
|
##
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue