1 // Copyright (c) 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #ifndef SANDBOX_LINUX_SERVICES_CREDENTIALS_H_
6 #define SANDBOX_LINUX_SERVICES_CREDENTIALS_H_
8 #include "build/build_config.h"
9 // Link errors are tedious to track, raise a compile-time error instead.
10 #if defined(OS_ANDROID)
11 #error "Android is not supported."
12 #endif // defined(OS_ANDROID).
16 #include "base/basictypes.h"
17 #include "base/memory/scoped_ptr.h"
21 // This class should be used to manipulate the current process' credentials.
22 // It is currently a stub used to manipulate POSIX.1e capabilities as
23 // implemented by the Linux kernel.
29 // Drop all capabilities in the effective, inheritable and permitted sets for
30 // the current process.
31 void DropAllCapabilities();
32 // Return true iff there is any capability in any of the capabilities sets
33 // of the current process.
34 bool HasAnyCapability();
35 // Returns the capabilities of the current process in textual form, as
36 // documented in libcap2's cap_to_text(3). This is mostly useful for
37 // debugging and tests.
38 scoped_ptr<std::string> GetCurrentCapString();
41 DISALLOW_COPY_AND_ASSIGN(Credentials);
44 } // namespace sandbox.
46 #endif // SANDBOX_LINUX_SERVICES_CREDENTIALS_H_