Linux and UNIX Man Pages

Test Your Knowledge in Computers #886
Difficulty: Medium
Phishing is the attempt to acquire sensitive information such as usernames, passwords, and credit card details directly from users by installing backdoors to operating systems.
True or False?
Linux & Unix Commands - Search Man Pages

freeconary(3) [centos man page]

getcon(3)						     SELinux API documentation							 getcon(3)

NAME
getcon, getprevcon, getpidcon - get SELinux security context of a process freecon, freeconary - free memory associated with SELinux security contexts getpeercon - get security context of a peer socket setcon - set current security context of a process SYNOPSIS
#include <selinux/selinux.h> int getcon(security_context_t *context); int getcon_raw(security_context_t *context); int getprevcon(security_context_t *context); int getprevcon_raw(security_context_t *context); int getpidcon(pid_t pid, security_context_t *context); int getpidcon_raw(pid_t pid, security_context_t *context); int getpeercon(int fd, security_context_t *context); int getpeercon_raw(int fd, security_context_t *context); void freecon(security_context_t con); void freeconary(security_context_t *con); int setcon(security_context_t context); int setcon_raw(security_context_t context); DESCRIPTION
getcon() retrieves the context of the current process, which must be free'd with freecon. getprevcon() same as getcon but gets the context before the last exec. getpidcon() returns the process context for the specified PID. getpeercon() retrieves context of peer socket, and set *context to refer to it, which must be free'd with freecon(). freecon() frees the memory allocated for a security context. freeconary() frees the memory allocated for a context array. If con is NULL, no operation is performed. setcon() sets the current security context of the process to a new value. Note that use of this function requires that the entire applica- tion be trusted to maintain any desired separation between the old and new security contexts, unlike exec-based transitions performed via setexeccon(3). When possible, decompose your application and use setexeccon(3) and execve(3) instead. Since access to file descriptors is revalidated upon use by SELinux, the new context must be explicitly authorized in the policy to use the descriptors opened by the old context if that is desired. Otherwise, attempts by the process to use any existing descriptors (including stdin, stdout, and stderr) after performing the setcon() will fail. A multi-threaded application can perform a setcon() prior to creating any child threads, in which case all of the child threads will inherit the new context. However, setcon() will fail if there are any other threads running in the same process. If the process was being ptraced at the time of the setcon() operation, ptrace permission will be revalidated against the new context and the setcon() will fail if it is not allowed by policy. getcon_raw(), getprevcon_raw(), getpidcon_raw(), getpeercon_raw() and setcon_raw() behave identically to their non-raw counterparts but do not perform context translation. RETURN VALUE
On error -1 is returned. On success 0 is returned. SEE ALSO
selinux(8), setexeccon(3) russell@coker.com.au 21 December 2011 getcon(3)

Check Out this Related Man Page

getcon(3)						     SELinux API documentation							 getcon(3)

NAME
getcon, getprevcon, getpidcon - get SELinux security context of a process freecon, freeconary - free memory associated with SELinux security contexts getpeercon - get security context of a peer socket setcon - set current security context of a process SYNOPSIS
#include <selinux/selinux.h> int getcon(security_context_t *context); int getcon_raw(security_context_t *context); int getprevcon(security_context_t *context); int getprevcon_raw(security_context_t *context); int getpidcon(pid_t pid, security_context_t *context); int getpidcon_raw(pid_t pid, security_context_t *context); int getpeercon(int fd, security_context_t *context); int getpeercon_raw(int fd, security_context_t *context); void freecon(security_context_t con); void freeconary(security_context_t *con); int setcon(security_context_t context); int setcon_raw(security_context_t context); DESCRIPTION
getcon() retrieves the context of the current process, which must be free'd with freecon. getprevcon() same as getcon but gets the context before the last exec. getpidcon() returns the process context for the specified PID. getpeercon() retrieves context of peer socket, and set *context to refer to it, which must be free'd with freecon(). freecon() frees the memory allocated for a security context. freeconary() frees the memory allocated for a context array. If con is NULL, no operation is performed. setcon() sets the current security context of the process to a new value. Note that use of this function requires that the entire applica- tion be trusted to maintain any desired separation between the old and new security contexts, unlike exec-based transitions performed via setexeccon(3). When possible, decompose your application and use setexeccon(3) and execve(3) instead. Since access to file descriptors is revalidated upon use by SELinux, the new context must be explicitly authorized in the policy to use the descriptors opened by the old context if that is desired. Otherwise, attempts by the process to use any existing descriptors (including stdin, stdout, and stderr) after performing the setcon() will fail. A multi-threaded application can perform a setcon() prior to creating any child threads, in which case all of the child threads will inherit the new context. However, setcon() will fail if there are any other threads running in the same process. If the process was being ptraced at the time of the setcon() operation, ptrace permission will be revalidated against the new context and the setcon() will fail if it is not allowed by policy. getcon_raw(), getprevcon_raw(), getpidcon_raw(), getpeercon_raw() and setcon_raw() behave identically to their non-raw counterparts but do not perform context translation. RETURN VALUE
On error -1 is returned. On success 0 is returned. SEE ALSO
selinux(8), setexeccon(3) russell@coker.com.au 21 December 2011 getcon(3)

Featured Tech Videos