Manual Page Search Parameters
openpam_borrow_cred(3) temporarily borrow user credentials
openpam, openpam_borrow_cred, openpam_free_data, openpam_free_envlist, openpam_get_feature, openpam_get_option, openpam_log, openpam_nullconv, openpam_readline, openpam_readlinev, openpam_readword, openpam_restore_cred, openpam_set_feature, openpam_set_option, openpam_straddch, openpam_subst, openpam_ttyconv, pam_error, pam_get_authtok, pam_info, pam_prompt, pam_setenv, pam_verror, pam_vinfo, pam_vprompt(3) Pluggable Authentication Modules Library
OPENPAM_BORROW_CRED(3) MidnightBSD Library Functions Manual OPENPAM_BORROW_CRED(3)

openpam_borrow_credtemporarily borrow user credentials

#include <sys/types.h>
#include <security/pam_appl.h>
#include <security/openpam.h>

int
openpam_borrow_cred(pam_handle_t *pamh, const struct passwd *pwd);

The () function saves the current credentials and switches to those of the user specified by its pwd argument. The affected credentials are the effective UID, the effective GID, and the group access list. The original credentials can be restored using openpam_restore_cred(3).

The openpam_borrow_cred() function returns one of the following values:

[PAM_SUCCESS]
Success.
[PAM_BUF_ERR]
Memory buffer error.
[PAM_PERM_DENIED]
Permission denied.
[PAM_SYSTEM_ERR]
System error.

setegid(2), seteuid(2), setgroups(2), openpam_restore_cred(3), pam(3), pam_strerror(3)

The openpam_borrow_cred() function is an OpenPAM extension.

The openpam_borrow_cred() function and this manual page were developed for the FreeBSD Project by ThinkSec AS and Network Associates Laboratories, the Security Research Division of Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 (“CBOSS”), as part of the DARPA CHATS research program.

The OpenPAM library is maintained by Dag-Erling Smørgrav <des@des.no>.

February 24, 2019 midnightbsd-3.1