secmodel_suser
—
super-user security model
secmodel_suser
implements the traditional
super-user (root) as the user with effective user-id 0. The
super-user is the host administrator, considered to have
higher privileges than other users.
secmodel_suser
exposes a
secmodel_eval(9)
evaluation routine to test whether a set of credentials can be assimilated to
super-user credentials or not.
The parameters to
secmodel_eval(9)
are:
- id
- the unique identifier of
secmodel_suser
:
“org.netbsd.secmodel.suser
”
- what
- a string, “
is-root
”.
- arg
- the kauth(9) credentials
(kauth_cred_t) of the caller.
- ret
- a boolean, set by
secmodel_suser
to
true
when the credentials are equivalent to
super-user, false
otherwise.
If successful, the evaluation returns 0 with the ret
argument being either true
or
false
.