summaryrefslogtreecommitdiff
path: root/apt-pkg/contrib/fileutl.h
diff options
context:
space:
mode:
authorJulian Andres Klode <jak@debian.org>2014-09-24 22:28:44 +0200
committerJulian Andres Klode <jak@debian.org>2014-09-24 22:30:31 +0200
commit13a28d8549015d2b55fadef450bc56327b4ca7a2 (patch)
treee6c7f3269fdc1be977b4bc8f0b0f3b97cdf1641a /apt-pkg/contrib/fileutl.h
parentb8dae9a106791ef9f47a516ccb62ab6050f22282 (diff)
DropPrivs: Document what it does
Git-Dch: ignore
Diffstat (limited to 'apt-pkg/contrib/fileutl.h')
-rw-r--r--apt-pkg/contrib/fileutl.h12
1 files changed, 11 insertions, 1 deletions
diff --git a/apt-pkg/contrib/fileutl.h b/apt-pkg/contrib/fileutl.h
index a8e255b86..9dd29eb9e 100644
--- a/apt-pkg/contrib/fileutl.h
+++ b/apt-pkg/contrib/fileutl.h
@@ -199,7 +199,17 @@ bool ExecWait(pid_t Pid,const char *Name,bool Reap = false);
// check if the given file starts with a PGP cleartext signature
bool StartsWithGPGClearTextSignature(std::string const &FileName);
-// process releated
+/**
+ * \brief Drop privileges
+ *
+ * Drop the privileges to the user _apt (or the one specified in
+ * APT::Sandbox::User). This does not set the supplementary group
+ * ids up correctly, it only uses the default group. Also prevent
+ * the process from gaining any new privileges afterwards, at least
+ * on Linux.
+ *
+ * \return true on success, false on failure with _error set
+ */
bool DropPrivs();
// File string manipulators