1 // Copyright (c) 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "sandbox/linux/services/credentials.h"
8 #include <sys/capability.h>
10 #include "base/basictypes.h"
11 #include "base/logging.h"
15 struct CapFreeDeleter {
16 inline void operator()(cap_t cap) const {
17 int ret = cap_free(cap);
22 // Wrapper to manage libcap2's cap_t type.
23 typedef scoped_ptr<typeof(*((cap_t)0)), CapFreeDeleter> ScopedCap;
25 struct CapTextFreeDeleter {
26 inline void operator()(char* cap_text) const {
27 int ret = cap_free(cap_text);
32 // Wrapper to manage the result from libcap2's cap_from_text().
33 typedef scoped_ptr<char, CapTextFreeDeleter> ScopedCapText;
39 Credentials::Credentials() {
42 Credentials::~Credentials() {
45 void Credentials::DropAllCapabilities() {
46 ScopedCap cap(cap_init());
48 PCHECK(0 == cap_set_proc(cap.get()));
51 bool Credentials::HasAnyCapability() {
52 ScopedCap current_cap(cap_get_proc());
54 ScopedCap empty_cap(cap_init());
56 return cap_compare(current_cap.get(), empty_cap.get()) != 0;
59 scoped_ptr<std::string> Credentials::GetCurrentCapString() {
60 ScopedCap current_cap(cap_get_proc());
62 ScopedCapText cap_text(cap_to_text(current_cap.get(), NULL));
64 return scoped_ptr<std::string> (new std::string(cap_text.get()));
67 } // namespace sandbox.