moved priv separation demo to sandboxv0.1

git-svn-id: svn://svn.alpinelinux.org/acf/sandbox/trunk@314 ab2d0c66-481e-0410-8bed-d214d4d58bed
author: Natanael Copa <natanael.copa@gmail.com> 2007-11-16 07:45:20 +0000
committer: Natanael Copa <natanael.copa@gmail.com> 2007-11-16 07:45:20 +0000
commit: 92838457c6cb3ccbba0f1f69c41d1da9c6f7c2d7 (patch)
tree: ee7f7fc76aa53e69b15a0460b70bc06c77ac0c3c /privdemo-controller.lua
download: acf-sandbox-92838457c6cb3ccbba0f1f69c41d1da9c6f7c2d7.tar.bz2
acf-sandbox-92838457c6cb3ccbba0f1f69c41d1da9c6f7c2d7.tar.xz
1 files changed, 31 insertions, 0 deletions
diff --git a/privdemo-controller.lua b/privdemo-controller.lua
new file mode 100644
index 0000000..bd8507f
--- /dev/null
+++ b/privdemo-controller.lua
@@ -0,0 +1,31 @@
+-- ipsec controller
+
+module(..., package.seeall)
+
+require("privsep")
+require("posix")
+
+-- we drop privileges on load. in model we have defined what funcs should
+-- have privileges in the table 'priv'
+mvc ={}
+function mvc.on_load(self)
+	self.priv = privsep.drop_privs("nobody", "nogroup", self.model.priv)
+end
+
+function test(self)
+	local a = {}
+	a.model_uid = self.model.getuid()
+	a.priv_uid = self.priv.getuid()
+	return a
+end
+
+-- we actually show out text
+--function view_resolver(self)
+--	return function(self)
+--		local k,v
+--		io.write("\n\nmy view resolver\n")
+--		io.write("Parameters from controller: "..self.."\n")
+--		print("my uid = ", posix.getpid().euid)
+--	end
+--end
+
author	Natanael Copa <natanael.copa@gmail.com>	2007-11-16 07:45:20 +0000
committer	Natanael Copa <natanael.copa@gmail.com>	2007-11-16 07:45:20 +0000
commit	92838457c6cb3ccbba0f1f69c41d1da9c6f7c2d7 (patch)
tree	ee7f7fc76aa53e69b15a0460b70bc06c77ac0c3c /privdemo-controller.lua
download	acf-sandbox-92838457c6cb3ccbba0f1f69c41d1da9c6f7c2d7.tar.bz2 acf-sandbox-92838457c6cb3ccbba0f1f69c41d1da9c6f7c2d7.tar.xz