Determine if a file is trusted
#include <unistd.h> int fdistrusted( int fd );
- A descriptor for the file that you want to check.
Use the -l c option to qcc to link against this library. This library is usually included automatically.
The fdistrusted() function determines whether or not the file associated with the given file descriptor is trusted or is in a trusted filesystem.
If a privileged process (root, or non-root with the PROCMGR_AID_PROT_EXEC ability—see procmgr_ability()) attempts to mark a region of memory as PROT_EXEC, any memory-mapped files in the region must be trusted or be from a trusted filesystem.
You can use the pathtrust to mark files or filesystems as trusted. If no files or filesystems are designated as trusted, all are trusted.
EOK if the file is trusted, EPERM if it isn't, or some other errno value if an error occurred.