This next example shows the body of the example application code with comments indicating the places where setfpriv(1) should be bracketed.
PRIV_EMPTY(&priv_get); PRIV_EMPTY(&priv_set); /* Turn file_setpriv on in the effective set */ retval = setfpriv(execfile, PRIV_SET, PRIV_ALLOWED, &priv_get); /* Turn the file_setpriv privilege off */ if((string = str_to_priv_set(priv_names, &priv_set, ",")) != NULL) printf("string = %s errno = %d\n", string, errno); /* Turn file_setpriv on in the effective set */ retval = setfpriv(execfile,PRIV_ON, PRIV_ALLOWED, &priv_set); /* Turn the file_setpriv privilege off */ retval = getfpriv(execfile, PRIV_ALLOWED, &priv_get); priv_set_to_str(&priv_get, ',', buffer, &length); printf("execfile Allowed = %s\n", buffer); PRIV_EMPTY(&priv_set); PRIV_EMPTY(&priv_get); PRIV_ASSERT(&priv_set, PRIV_FILE_MAC_WRITE); /* Turn file_setpriv on in the effective set */ retval = setfpriv(execfile, PRIV_ON, PRIV_FORCED, &priv_set); /* Turn the file_setpriv privilege off */ retval = getfpriv(execfile, PRIV_FORCED, &priv_get); priv_set_to_str(&priv_get, `,', buffer, &length); printf("execfile Forced =%s\n", buffer);