libsecurity_authorization/lib/AuthorizationPriv.h

   1 /*
   2  * Copyright (c) 2002-2004 Apple Computer, Inc. All Rights Reserved.
   3  *
   4  * @APPLE_LICENSE_HEADER_START@
   5  *
   6  * This file contains Original Code and/or Modifications of Original Code
   7  * as defined in and that are subject to the Apple Public Source License
   8  * Version 2.0 (the 'License'). You may not use this file except in
   9  * compliance with the License. Please obtain a copy of the License at
  10  * http://www.opensource.apple.com/apsl/ and read it before using this
  11  * file.
  12  *
  13  * The Original Code and all software distributed under the License are
  14  * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
  15  * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
  16  * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
  17  * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
  18  * Please see the License for the specific language governing rights and
  19  * limitations under the License.
  20  *
  21  * @APPLE_LICENSE_HEADER_END@
  22  */
  23
  24
  25 /*
  26  *  AuthorizationPriv.h -- Authorization SPIs
  27  *  Private APIs for implementing access control in applications and daemons.
  28  *
  29  */
  30
  31 #ifndef _SECURITY_AUTHORIZATIONPRIV_H_
  32 #define _SECURITY_AUTHORIZATIONPRIV_H_
  33
  34 #include <Security/Authorization.h>
  35 #include <Security/AuthSession.h>
  36 #include <sys/types.h>  // uid_t
  37
  38 #if defined(__cplusplus)
  39 extern "C" {
  40 #endif
  41
  42
  43 /*!
  44         @header AuthorizationPriv
  45         Version 1.1 04/2003
  46
  47         This header contains private APIs for authorization services.
  48         This is the private extension of <Security/Authorization.h>, a public header file.
  49 */
  50
  51 /*!
  52         @enum Private (for now) AuthorizationFlags
  53 */
  54 enum {
  55         kAuthorizationFlagLeastPrivileged               = (1 << 5)
  56 };
  57
  58 /*!
  59         @function SessionSetDistinguishedUser
  60         This function allows the creator of a (new) security session to associate an arbitrary
  61         UNIX user identity (uid) with the session. This uid can be retrieved with
  62         SessionGetDistinguishedUser by anyone who knows the session's id, and may also
  63         be used by the system for identification (but not authentication) purposes.
  64
  65         This call can only be made by the process that created the session, and only
  66         once.
  67
  68         This is a private API, and is subject to change.
  69
  70         @param session (input) Session-id for which to set the uid. Can be one of the
  71         special constants defined in AuthSession.h.
  72         @param user (input) The uid to set.
  73  */
  74 OSStatus SessionSetDistinguishedUser(SecuritySessionId session, uid_t user);
  75
  76
  77 /*!
  78         @function SessionGetDistinguishedUser
  79         Retrieves the distinguished uid of a session as set by the session creator
  80         using the SessionSetDistinguishedUser call.
  81
  82         @param session (input) Session-id for which to set the uid. Can be one of the
  83         special constants defined in AuthSession.h.
  84         @param user (output) Will receive the uid. Unchanged on error.
  85  */
  86 OSStatus SessionGetDistinguishedUser(SecuritySessionId session, uid_t *user);
  87
  88 /*!
  89         @function SessionSetUserPreferences
  90         Set preferences from current application context for session (for use during agent interactions).
  91
  92         @param session (input) Session-id for which to set the user preferences. Can be one of the special constants defined in AuthSession.h.
  93  */
  94 OSStatus SessionSetUserPreferences(SecuritySessionId session);
  95
  96
  97 #if defined(__cplusplus)
  98 }
  99 #endif
 100
 101 #endif /* !_SECURITY_AUTHORIZATIONPRIV_H_ */