NAME
openpam_borrow_cred
- temporarily borrow user credentials
LIBRARY
SYNOPSIS
int
openpam_borrow_cred(
pam_handle_t *pamh
, const struct passwd *pwd
)
DESCRIPTION
The
openpam_borrow_cred
function saves the current credentials and
switches to those of the user specified by its
pwd
argument.
The affected credentials are the effective UID, the effective GID, and
the group access list.
The original credentials can be restored using
openpam_restore_cred(3).
RETURN VALUES
The
openpam_borrow_cred
function returns one of the following values:
- [
PAM_BUF_ERR
] -
Memory buffer error.
- [
PAM_PERM_DENIED
] -
Permission denied.
- [
PAM_SYSTEM_ERR
] -
System error.
SEE ALSO
setegid(2),
seteuid(2),
setgroups(2),
openpam_restore_cred(3),
pam(3),
pam_strerror(3)
STANDARDS
The
openpam_borrow_cred
function is an OpenPAM extension.
AUTHORS
The
openpam_borrow_cred
function and this manual page were developed for the
FreeBSD
Project by ThinkSec AS and Network Associates Laboratories, the
Security Research Division of Network Associates, Inc. under
DARPA/SPAWAR contract N66001-01-C-8035
(``CBOSS''),
as part of the DARPA CHATS research program.