/usr/share/doc/racket/inside/security.html is in racket-doc 6.1-4.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 | <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><head><meta http-equiv="content-type" content="text/html; charset=utf-8"/><title>17 Security Guards</title><link rel="stylesheet" type="text/css" href="../scribble.css" title="default"/><link rel="stylesheet" type="text/css" href="../racket.css" title="default"/><link rel="stylesheet" type="text/css" href="../manual-style.css" title="default"/><link rel="stylesheet" type="text/css" href="../manual-racket.css" title="default"/><link rel="stylesheet" type="text/css" href="../doc-site.css" title="default"/><script type="text/javascript" src="../scribble-common.js"></script><script type="text/javascript" src="../manual-racket.js"></script><script type="text/javascript" src="../doc-site.js"></script><script type="text/javascript" src="../local-redirect/local-redirect.js"></script><script type="text/javascript" src="../local-redirect/local-user-redirect.js"></script><!--[if IE 6]><style type="text/css">.SIEHidden { overflow: hidden; }</style><![endif]--></head><body id="doc-racket-lang-org"><div class="tocset"><div class="tocview"><div class="tocviewlist tocviewlisttopspace"><div class="tocviewtitle"><table cellspacing="0" cellpadding="0"><tr><td style="width: 1em;"><a href="javascript:void(0);" title="Expand/Collapse" class="tocviewtoggle" onclick="TocviewToggle(this,"tocview_0");">▼</a></td><td></td><td><a href="index.html" class="tocviewlink" data-pltdoc="x">Inside:<span class="mywbr"> </span> Racket C API</a></td></tr></table></div><div class="tocviewsublistonly" style="display: block;" id="tocview_0"><table cellspacing="0" cellpadding="0"><tr><td align="right">1 </td><td><a href="overview.html" class="tocviewlink" data-pltdoc="x">Overview</a></td></tr><tr><td align="right">2 </td><td><a href="embedding.html" class="tocviewlink" data-pltdoc="x">Embedding into a Program</a></td></tr><tr><td align="right">3 </td><td><a href="Writing_Racket_Extensions.html" class="tocviewlink" data-pltdoc="x">Writing Racket Extensions</a></td></tr><tr><td align="right">4 </td><td><a href="im_values_types.html" class="tocviewlink" data-pltdoc="x">Values and Types</a></td></tr><tr><td align="right">5 </td><td><a href="im_memoryalloc.html" class="tocviewlink" data-pltdoc="x">Memory Allocation</a></td></tr><tr><td align="right">6 </td><td><a href="im_env.html" class="tocviewlink" data-pltdoc="x">Namespaces and Modules</a></td></tr><tr><td align="right">7 </td><td><a href="Procedures.html" class="tocviewlink" data-pltdoc="x">Procedures</a></td></tr><tr><td align="right">8 </td><td><a href="Evaluation.html" class="tocviewlink" data-pltdoc="x">Evaluation</a></td></tr><tr><td align="right">9 </td><td><a href="exceptions.html" class="tocviewlink" data-pltdoc="x">Exceptions and Escape Continuations</a></td></tr><tr><td align="right">10 </td><td><a href="threads.html" class="tocviewlink" data-pltdoc="x">Threads</a></td></tr><tr><td align="right">11 </td><td><a href="config.html" class="tocviewlink" data-pltdoc="x">Parameterizations</a></td></tr><tr><td align="right">12 </td><td><a href="contmarks.html" class="tocviewlink" data-pltdoc="x">Continuation Marks</a></td></tr><tr><td align="right">13 </td><td><a href="im_encodings.html" class="tocviewlink" data-pltdoc="x">String Encodings</a></td></tr><tr><td align="right">14 </td><td><a href="Bignums__Rationals__and_Complex_Numbers.html" class="tocviewlink" data-pltdoc="x">Bignums, Rationals, and Complex Numbers</a></td></tr><tr><td align="right">15 </td><td><a href="Ports_and_the_Filesystem.html" class="tocviewlink" data-pltdoc="x">Ports and the Filesystem</a></td></tr><tr><td align="right">16 </td><td><a href="Structures.html" class="tocviewlink" data-pltdoc="x">Structures</a></td></tr><tr><td align="right">17 </td><td><a href="" class="tocviewselflink" data-pltdoc="x">Security Guards</a></td></tr><tr><td align="right">18 </td><td><a href="Custodians.html" class="tocviewlink" data-pltdoc="x">Custodians</a></td></tr><tr><td align="right">19 </td><td><a href="Subprocesses.html" class="tocviewlink" data-pltdoc="x">Subprocesses</a></td></tr><tr><td align="right">20 </td><td><a href="Miscellaneous_Utilities.html" class="tocviewlink" data-pltdoc="x">Miscellaneous Utilities</a></td></tr><tr><td align="right"></td><td><a href="doc-index.html" class="tocviewlink" data-pltdoc="x">Index</a></td></tr></table></div></div></div></div><div class="maincolumn"><div class="main"><div class="navsettop"><span class="navleft"><form class="searchform"><input class="searchbox" style="color: #888;" type="text" value="...search manuals..." title="Enter a search string to search the manuals" onkeypress="return DoSearchKey(event, this, "6.1", "../");" onfocus="this.style.color="black"; this.style.textAlign="left"; if (this.value == "...search manuals...") this.value="";" onblur="if (this.value.match(/^ *$/)) { this.style.color="#888"; this.style.textAlign="center"; this.value="...search manuals..."; }"/></form> <a href="../index.html" title="up to the documentation top" data-pltdoc="x" onclick="return GotoPLTRoot("6.1");">top</a></span><span class="navright"> <a href="Structures.html" title="backward to "16 Structures"" data-pltdoc="x">← prev</a> <a href="index.html" title="up to "Inside: Racket C API"" data-pltdoc="x">up</a> <a href="Custodians.html" title="forward to "18 Custodians"" data-pltdoc="x">next →</a></span> </div><h3 x-source-module="(lib "scribblings/inside/inside.scrbl")" x-part-tag=""security"">17<tt> </tt><a name="(part._security)"></a>Security Guards</h3><p>Before a primitive procedure accesses the filesystem or creates a
network connection, it should first consult the current security guard
to determine whether such access is allowed for the current thread.</p><p>File access is normally preceded by a call to
<a href="Ports_and_the_Filesystem.html#%28cpp._scheme_expand_filename%29" class="RktStxLink" data-pltdoc="x"><span class="stt">scheme_expand_filename</span></a>, which accepts flags to indicate the
kind of filesystem access needed, so that the security guard is
consulted automatically.</p><p>An explicit filesystem-access check can be made by calling
<a href="#%28cpp._scheme_security_check_file%29" class="RktStxLink" data-pltdoc="x"><span class="stt">scheme_security_check_file</span></a>. Similarly, an explicit
network-access check is performed by calling
<a href="#%28cpp._scheme_security_check_network%29" class="RktStxLink" data-pltdoc="x"><span class="stt">scheme_security_check_network</span></a>.</p><p><div class="SIntrapara"><table cellspacing="0" cellpadding="0" class="boxed"><tr><td><table cellspacing="0" cellpadding="0"><tr><td><p><span class="stt">void</span></p></td><td><p><span class="hspace"> </span></p></td><td><p><a name="(cpp._scheme_security_check_file)"></a><a name="(idx._(gentag._550._(lib._scribblings/inside/inside..scrbl)))"></a><a href="#%28cpp._scheme_security_check_file%29" class="RktStxLink" data-pltdoc="x"><span class="stt">scheme_security_check_file</span></a></p></td><td><p><span class="stt">(</span></p></td><td><p><span class="stt">const char*</span><span class="hspace"> </span><span style="font-style: italic">who</span><span class="stt">,</span></p></td></tr><tr><td><p><span class="hspace"> </span></p></td><td><p><span class="hspace"> </span></p></td><td><p><span class="hspace"> </span></p></td><td><p><span class="hspace"> </span></p></td><td><p><span class="stt">char*</span><span class="hspace"> </span><span style="font-style: italic">filename</span><span class="stt">,</span></p></td></tr><tr><td><p><span class="hspace"> </span></p></td><td><p><span class="hspace"> </span></p></td><td><p><span class="hspace"> </span></p></td><td><p><span class="hspace"> </span></p></td><td><p><span class="stt">int</span><span class="hspace"> </span><span style="font-style: italic">guards</span><span class="stt">)</span></p></td></tr></table></td></tr></table></div><div class="SIntrapara">Consults the current security manager to determine whether access is
allowed to <span style="font-style: italic">filename</span>. The <span style="font-style: italic">guards</span> argument should be a
bitwise combination of the following:</div></p><ul><li><p><span class="stt">SCHEME_GUARD_FILE_READ</span></p></li><li><p><span class="stt">SCHEME_GUARD_FILE_WRITE</span></p></li><li><p><span class="stt">SCHEME_GUARD_FILE_EXECUTE</span></p></li><li><p><span class="stt">SCHEME_GUARD_FILE_DELETE</span></p></li><li><p><span class="stt">SCHEME_GUARD_FILE_EXISTS</span> (do not combine with other values)</p></li></ul><p>The <span style="font-style: italic">filename</span> argument can be <span class="stt">NULL</span> (in which case
<span class="RktVal">#f</span> is sent to the security manager’s procedure), and
<span style="font-style: italic">guards</span> should be <span class="stt">SCHEME_GUARD_FILE_EXISTS</span> in that case.</p><p>If access is denied, an exception is raised.</p><p><div class="SIntrapara"><table cellspacing="0" cellpadding="0" class="boxed"><tr><td><table cellspacing="0" cellpadding="0"><tr><td><p><span class="stt">void</span></p></td><td><p><span class="hspace"> </span></p></td><td><p><a name="(cpp._scheme_security_check_network)"></a><a name="(idx._(gentag._551._(lib._scribblings/inside/inside..scrbl)))"></a><a href="#%28cpp._scheme_security_check_network%29" class="RktStxLink" data-pltdoc="x"><span class="stt">scheme_security_check_network</span></a></p></td><td><p><span class="stt">(</span></p></td><td><p><span class="stt">const char*</span><span class="hspace"> </span><span style="font-style: italic">who</span><span class="stt">,</span></p></td></tr><tr><td><p><span class="hspace"> </span></p></td><td><p><span class="hspace"> </span></p></td><td><p><span class="hspace"> </span></p></td><td><p><span class="hspace"> </span></p></td><td><p><span class="stt">char*</span><span class="hspace"> </span><span style="font-style: italic">host</span><span class="stt">,</span></p></td></tr><tr><td><p><span class="hspace"> </span></p></td><td><p><span class="hspace"> </span></p></td><td><p><span class="hspace"> </span></p></td><td><p><span class="hspace"> </span></p></td><td><p><span class="stt">int</span><span class="hspace"> </span><span style="font-style: italic">portno</span><span class="stt">)</span></p></td></tr></table></td></tr></table></div><div class="SIntrapara">Consults the current security manager to determine whether access is
allowed for creating a client connection to <span style="font-style: italic">host</span> on port number
<span style="font-style: italic">portno</span>. If <span style="font-style: italic">host</span> is <span class="stt">NULL</span>, the security manager is
consulted for creating a server at port number <span style="font-style: italic">portno</span>.</div></p><p>If access is denied, an exception is raised.</p><div class="navsetbottom"><span class="navleft"><form class="searchform"><input class="searchbox" style="color: #888;" type="text" value="...search manuals..." title="Enter a search string to search the manuals" onkeypress="return DoSearchKey(event, this, "6.1", "../");" onfocus="this.style.color="black"; this.style.textAlign="left"; if (this.value == "...search manuals...") this.value="";" onblur="if (this.value.match(/^ *$/)) { this.style.color="#888"; this.style.textAlign="center"; this.value="...search manuals..."; }"/></form> <a href="../index.html" title="up to the documentation top" data-pltdoc="x" onclick="return GotoPLTRoot("6.1");">top</a></span><span class="navright"> <a href="Structures.html" title="backward to "16 Structures"" data-pltdoc="x">← prev</a> <a href="index.html" title="up to "Inside: Racket C API"" data-pltdoc="x">up</a> <a href="Custodians.html" title="forward to "18 Custodians"" data-pltdoc="x">next →</a></span> </div></div></div><div id="contextindicator"> </div></body></html>
|