| setSecurityChecker |
(String name, Function funct) |
yoix.system |
| |
Tries to have the security manager call function
funct
whenever it needs to check the condition identified by
name,
and returns
1
on success and
0
otherwise.
The call fails when a function that is not
NULL
is already associated with
name,
or when
name
refers to a
SecurityManager
field that does not exist.
Functions installed as security checkers must return non-zero if the
operation they are protecting is allowed.
Any other result, including no return value, means the operation
will fail with a
securitycheck
error.
Security checking functions are documented in the description of the Yoix
SecurityManager.
| |
| Example: |
The program,
import yoix.io.*;
import yoix.stdio.*;
import yoix.string.*;
import yoix.system.*;
checker(name, type, mode) {
printf("readChecker name=%s, mode=%d\n", name, mode);
return(mode == READ || startsWith(name, VM.tmpdir));
}
setSecurityChecker("checkYoixOpen", checker);
fopen("/tmp/xxx", "r");
fopen("xxx", "w"); // gets a security check
installs a
checkYoixOpen
security checker that tries to restrict writes to files in the
/tmp
directory, but the simple
startsWith
test is very easy to defeat.
| | |
| Return: |
int
| | |
| See Also: |
SecurityManager,
setSecurityManager
|
|
Yoix is a registered trademark of AT&T Inc.
|
