Developer's Guide to Oracle® Solaris 11 Security

Updated: July 2014
 
 

Privilege Data Types

    The major data types that are used by the privilege interfaces are:

  • Privilege type – An individual privilege is represented by the priv_t type definition. You initialize a variable of type priv_t with a privilege ID string, as follows:

    priv_t priv_id = PRIV_FILE_DAC_WRITE;

  • Privilege set type – Privilege sets are represented by the priv_set_t data structure. Use one of the privilege manipulation functions shown in Table 2–1 to initialize variables of type priv_set_t.

  • Privilege operation type – The type of operation to be performed on a file or process privilege set is represented by the priv_op_t type definition. Not all operations are valid for every type of privilege set. Read the privilege set descriptions in Programming with Privileges for details.

      Privilege operations can have the following values:

    • PRIV_ON – Turn on, in the specified file or process privilege set, the privileges that are asserted in the priv_set_t structure.

    • PRIV_OFF – Turn off, in the specified file or process privilege set, the privileges that are asserted in the priv_set_t structure.

    • PRIV_SET – Set the privileges in the specified file or process privilege set to the privileges asserted in the priv_set_t structure. If the structure is initialized to empty, PRIV_SET sets the privilege set to none.
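
The following is an added example, not code from this guide or from Oracle: a portable C model of how the three operations change a process privilege set, and of why some operations are rejected for some sets. It does not call the Solaris API; every `m_*` name and bit value is hypothetical, and the two rules it enforces (the effective set must stay within the permitted set, and the permitted set can only shrink) are taken from the setppriv(2) manual page rather than from this page.

```c
/* Portable model of the three priv_op_t operations; it does not call the
 * Solaris API. All m_* names and the bit values are hypothetical. */
#include <stdint.h>

typedef uint32_t m_set_t;                      /* stands in for priv_set_t */
typedef enum { M_ON, M_OFF, M_SET } m_op_t;    /* PRIV_ON, PRIV_OFF, PRIV_SET */
typedef enum { M_EFFECTIVE, M_PERMITTED } m_which_t;

enum { M_FILE_DAC_WRITE = 1u << 0, M_FILE_DAC_READ = 1u << 1,
       M_PROC_FORK = 1u << 2 };                /* constructed bit assignments */

typedef struct { m_set_t effective, permitted; } m_proc_t;

/* Returns 0 on success, -1 if the request would add privileges (the case
 * setppriv(2) rejects with EPERM). On failure the process is unchanged. */
int m_setppriv(m_proc_t *p, m_op_t op, m_which_t which, m_set_t set)
{
    m_set_t cur = (which == M_EFFECTIVE) ? p->effective : p->permitted;
    m_set_t next;

    switch (op) {
    case M_ON:  next = cur | set;  break;   /* add the asserted privileges */
    case M_OFF: next = cur & ~set; break;   /* remove the asserted privileges */
    case M_SET: next = set;        break;   /* replace; empty set means none */
    default:    return -1;
    }
    if (which == M_EFFECTIVE) {
        if (next & ~p->permitted) return -1;   /* E must stay within P */
        p->effective = next;
    } else {
        if (next & ~cur) return -1;            /* P can only shrink */
        p->permitted = next;
        p->effective &= next;                  /* dropped from P, dropped from E */
    }
    return 0;
}

/* Privilege bracketing: hold file_dac_write only for the sensitive step. */
int m_bracket_demo(m_proc_t *p)
{
    if (m_setppriv(p, M_OFF, M_EFFECTIVE, M_FILE_DAC_WRITE)) return -1;
    if (m_setppriv(p, M_ON, M_EFFECTIVE, M_FILE_DAC_WRITE)) return -1;
    /* ... the privileged write would happen here ... */
    return m_setppriv(p, M_OFF, M_PERMITTED, M_FILE_DAC_WRITE); /* drop for good */
}
```

Once the privilege has been turned off in the permitted set, a later attempt to turn it on in the effective set fails, which is what makes the final drop irreversible for the process.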