DragonFly On-Line Manual Pages

OPENPAM_BORROW_CRED(3)                      DragonFly Library Functions Manual

NAME
     openpam_borrow_cred - temporarily borrow user credentials

SYNOPSIS
     #include <sys/types.h>
     #include <security/pam_appl.h>
     #include <security/openpam.h>

     int
     openpam_borrow_cred(pam_handle_t *pamh, const struct passwd *pwd);

DESCRIPTION
     The openpam_borrow_cred() function saves the current credentials and
     switches to those of the user specified by its pwd argument.  The
     affected credentials are the effective UID, the effective GID, and the
     group access list.  The original credentials can be restored using
     openpam_restore_cred(3).

RETURN VALUES
     The openpam_borrow_cred() function returns one of the following values:

     [PAM_SUCCESS]       Success.

     [PAM_BUF_ERR]       Memory buffer error.

     [PAM_PERM_DENIED]   Permission denied.

     [PAM_SYSTEM_ERR]    System error.

SEE ALSO
     setegid(2), seteuid(2), setgroups(2), openpam_restore_cred(3), pam(3),
     pam_strerror(3)

STANDARDS
     The openpam_borrow_cred() function is an OpenPAM extension.

AUTHORS
     The openpam_borrow_cred() function and this manual page were developed
     for the FreeBSD Project by ThinkSec AS and Network Associates
     Laboratories, the Security Research Division of Network Associates, Inc.
     under DARPA/SPAWAR contract N66001-01-C-8035 ("CBOSS"), as part of the
     DARPA CHATS research program.

     The OpenPAM library is maintained by Dag-Erling Smorgrav <des@des.no>.

DragonFly 6.1-DEVELOPMENT      February 24, 2019     DragonFly 6.1-DEVELOPMENT