create_file_securely - Create a file in the authentication
database (Enhanced Security)
#include <sys/security.h> #include <prot.h>
char *purpose );
Security library - libsecurity.so
The file parameter is the pathname to create. The decibels
parameter is AUTH_SILENT, AUTH_LIMITED, or AUTH_VERBOSE.
Using AUTH_SILENT blocks signals. The AUTH_LIMITED
constant allows a limited amount of dialog. Using
AUTH_VERBOSE specifies that the routine should try to wait
until the file can be created (up to 100 tries, 1 second
apart). The values for decibels are as follows:
AUTH_SILENT AUTH_LIMITED AUTH_VERBOSE The purpose parameter
is a tag for the audit log entry created by the audit
daemon when a file cannot be created.
The create_file_securely() routine creates a file as specified
in the file control database, /etc/auth/system/files.
It is more flexible than coding the discretionary
attributes of the file, and a further assurance
that the file being created is in accordance with security
If the path to the file being created does not exist, create_file_securely()
attempts to create the path. If each
directory in the path is not defined in the file control
database, create_file_securely() fails and returns
The create_file_securely routine returns the following
values: CFS_GOOD_RETURN CFS_CAN_NOT_OPEN_FILE
The file control database.
[ Back ]