Bracketing the Call

The example uses set_effective_priv(3TSOL) to bracket. The first call turns the file_setpriv privilege on (asserts it) in the effective set; the second call turns it off. The 1 indicates the privilege parameter list has one privilege constant (PRIV_FILE_SETPRIV) in it.

/* Turn file_setpriv on in effective set */
	if (set_effective_priv(PRIV_ON, 1, PRIV_FILE_SETPRIV) == -1)
		perror("Cannot assert PRIV_FILE_SETPRIV");

/* Make interface call */
	retval = setfpriv(execfile, PRIV_SET, PRIV_ALLOWED, &priv_get);

/* Turn the file_setpriv privilege off */
	if (set_effective_priv(PRIV_OFF, 1, PRIV_FILE_SETPRIV) == -1)
		perror("Cannot clear PRIV_FILE_SETPRIV");

/* Continue application code ...*/

Previous: Continue Application Code
Next: Bracketing in Example