bsdcontrol.rb/lib/bsd/control/feature.rb
2024-03-06 20:59:54 -03:00

128 lines
2.5 KiB
Ruby

module BSD::Control
class Feature < Struct.new(:name, :enable, :disable)
##
# @return [Array<BSD::Control::Feature>]
# Returns an array of available features.
def self.available
BSD::Control::FFI.available_features
end
##
# @group Actions
##
# Enables a feature for a given file.
#
# @param [String] path
# The path to a file.
#
# @raise [BSD::Control::Error]
# When the operation fails.
#
# @return [Boolean]
# Returns true on success.
def enable!(path)
set!(path, BSD::Control::Enable)
end
##
# Disables a feature for a given file.
#
# @param [String] path
# The path to a file.
#
# @raise [BSD::Control::Error]
# When the operation fails.
#
# @return [Boolean]
# Returns true on success.
def disable!(path)
set!(path, BSD::Control::Disable)
end
##
# Restore system defaults.
#
# @param [String] path
# The path to a file.
#
# @raise [BSD::Control::Error]
# When the operation fails.
#
# @return [Boolean]
# Returns true on success.
def sysdef!(path)
FFI.reset!(self, path)
end
# @endgroup
##
# @group Predicates
##
# @return [Boolean]
# Returns true for the pageexec feature.
def pageexec?
name == "pageexec"
end
##
# @return [Boolean]
# Returns true for the mprotect feature.
def mprotect?
name == "mprotect"
end
##
# @return [Boolean]
# Returns true for the segv-guard feature.
def segvguard?
name == "segvguard"
end
##
# @return [Boolean]
# Returns true for the ASLR feature.
def aslr?
name == "aslr"
end
##
# @return [Boolean]
# Returns true for the shlibrandom feature.
def shlibrandom?
name == "shlibrandom"
end
##
# @return [Boolean]
# Returns true for the disallow-map32bit feature.
def disallow_map32bit?
name == "disallow_map32bit"
end
##
# @return [Boolean]
# Returns true for the insecure kmod feature.
def insecure_kmod?
name == "insecure_kmod"
end
##
# @return [Boolean]
# Returns true for the harden SHM feature.
def harden_shm?
name == "harden_shm"
end
##
# @return [Boolean]
# Returns true for the prohibit ptrace capsicum feature.
def prohibit_ptrace_capsicum?
name == "prohibit_ptrace_capsicum"
end
# @endgroup
end
end