Module Pike.Security

Description

Pike has an optional internal security system, which can be enabled with the configure-option --with-security.

The security system is based on attaching credential objects (Pike.Security.Creds) to objects, programs, arrays, mappings or multisets.

A credential object in essence holds three values:

user -- The owner.

allow_bits -- Run-time access permissions.

data_bits -- Data access permissions.

Constant BIT_CALL

constant Pike.Security.BIT_CALL

Description

Allow calling of functions.

Constant BIT_CONDITIONAL_IO

constant Pike.Security.BIT_CONDITIONAL_IO

Description

Allow conditional useage of I/O. The callbacks valid_open and valid_io will be called in the User object in the current Creds object to determine if the I/O is allowed or not.

Constant BIT_DESTRUCT

constant Pike.Security.BIT_DESTRUCT

Description

Allow use of destruct.

Constant BIT_INDEX

constant Pike.Security.BIT_INDEX

Description

Allow indexing.

Constant BIT_NOT_SETUID

constant Pike.Security.BIT_NOT_SETUID

Description

Don't change active credentials on function call.

Constant BIT_SECURITY

constant Pike.Security.BIT_SECURITY

Description

Allow usage of security related functions.

Constant BIT_SET_INDEX

constant Pike.Security.BIT_SET_INDEX

Description

Allow setting of indices.