*nix Documentation Project
·  Home
 +   man pages
·  Linux HOWTOs
·  FreeBSD Tips
·  *niX Forums

  man pages->FreeBSD man pages -> crhold (9)              



NAME    [Toc]    [Back]

     ucred, crget, crhold, crfree, crshared, crcopy, crdup, cru2x,
     cred_update_thread -- functions related to user credentials

SYNOPSIS    [Toc]    [Back]

     #include <sys/param.h>
     #include <sys/ucred.h>

     struct ucred *

     struct ucred *
     crhold(struct ucred *cr);

     crfree(struct ucred *cr);

     crshared(struct ucred *cr);

     crcopy(struct ucred *dest, struct ucred *src);

     struct ucred *
     crdup(struct ucred *cr);

     cru2x(struct ucred *cr, struct xucred *xcr);

     cred_update_thread(struct thread *td);

DESCRIPTION    [Toc]    [Back]

     The ucred family of functions is used to manage user credential structures
 (struct ucred) within the kernel.

     The crget() function allocates memory for a new structure, sets its reference
 count to 1, and initializes its lock.

     The crhold() function increases the reference count on the credential.

     The crfree() function decreases the reference count on the credential.
     If the count drops to 0, the storage for the structure is freed.

     The crshared() function returns true if the credential is shared.	A credential
 is considered to be shared if its reference count is greater than

     The crcopy() function copies the contents of the source (template) credential
 into the destination template.  The uidinfo structure within the
     destination is referenced by calling uihold(9).

     The crdup() function allocates memory for a new structure and copies the
     contents of cr into it.  The actual copying is performed by crcopy().

     The cru2x() function converts a ucred structure to an xucred structure.
     That is, it copies data from cr to xcr; it ignores fields in the former
     that are not present in the latter (e.g., cr_uidinfo), and appropriately
     sets fields in the latter that are not present in the former (e.g.,

     The cred_update_thread() function sets the credentials of td to that of
     its process, freeing its old credential if required.

RETURN VALUES    [Toc]    [Back]

     crget(), crhold() and crdup() all return a pointer to a ucred structure.

     crshared() returns 0 if the credential has a reference count greater than
     1; otherwise, 1 is returned.

USAGE NOTES    [Toc]    [Back]

     As of FreeBSD 5.0, the ucred structure contains extensible fields.  This
     means that the correct protocol must always be followed to create a fresh
     and writable credential structure: new credentials must always be derived
     from existing credentials using crget() and crcopy().

     In the common case, credentials required for access control decisions are
     used in a read-only manner.  In these circumstances, the thread credential
 td_ucred should be used, as it requires no locking to access safely,
     and remains stable for the duration of the call even in the face of a
     multi-threaded application changing the process credentials from another
     thread.  Primitives such as suser(9) will assume the use of td_ucred
     unless explicitly specified using suser_cred(9).

     During a process credential update, the process lock must be held across
     check and update, to prevent race conditions.  The process credential,
     td->td_proc->p_ucred, must be used both for check and update.  If a
     process credential is updated during a system call and checks against the
     thread credential are to be made later during the same system call, the
     thread credential must also be refreshed from the process credential so
     as to prevent use of a stale value.  To avoid this scenario, it is recommended
 that system calls updating the process credential be designed to
     avoid other authorization functions.

     If temporarily elevated privileges are required for a thread, the thread
     credential can by replaced for the duration of an activity, or for the
     remainder of the system call.  However, as a thread credential is often
     shared, appropriate care should be taken to make sure modifications are
     made to a writable credential through the use of crget() and crcopy().

     Caution should be exercised when checking authorization for a thread or
     process perform an operation on another thread or process.  As a result
     of temporary elevation, the target thread credential should never be used
     as the target credential in an access control decision: the process credential
 associated with the thread, td->td_proc->p_ucred, should be used
     instead.  For example, p_candebug(9) accepts a target process, not a target
 thread, for access control purposes.

SEE ALSO    [Toc]    [Back]


AUTHORS    [Toc]    [Back]

     This man page was written by Chad David <davidc@acns.ab.ca>.

FreeBSD 5.2.1			 March 3, 2002			 FreeBSD 5.2.1
[ Back ]
 Similar pages
Name OS Title
openpam_borrow_cred FreeBSD temporarily borrow user credentials
userdel Linux Delete a user account and related files
pam_setcred FreeBSD modify / delete user credentials for an authentication service
pam_setcred HP-UX modify/delete user credentials for an authentication service
gss_add_cred Tru64 Obtain credentials that allow a user to accept security contexts.
csf_gss_renew_cred Tru64 Extension that renews user credentials for the Kerberos 5 security mechanism
i386_vm86 FreeBSD control vm86-related functions
fp_class Tru64 Related miscellaneous IEEE arithmetic functions.
finite Tru64 Related miscellaneous IEEE arithmetic functions.
ieee_functions Tru64 Related miscellaneous IEEE arithmetic functions.
Copyright © 2004-2005 DeniX Solutions SRL
newsletter delivery service