procmgr_ability() calls and the security policy

Updated: April 19, 2023

When you use security policies, QNX strongly recommends that you run procnto with the -bl option.

When procnto runs with the -bl option, secpolgenerate locks all abilities in the policy it generates. If a process then calls procmgr_ability() to configure its own abilities, the call neither fails because an ability is locked nor changes any locked ability; the locked setting from the policy stands. Because secpolgenerate no longer has to leave abilities unlocked to keep such calls working, running with -bl usually produces a better (more restrictive) configuration of abilities.

In releases that did not support -bl, an ability that secpolgenerate had locked could make a later procmgr_ability() call fail, and a process that did not expect that failure could exit. For the generated policy to work, secpolgenerate therefore had to leave unlocked every ability that a procmgr_ability() call touched. To make that possible, you had to include the DLL secpol-preload.so on your system and preload it into all programs by setting the environment variable LD_PRELOAD to secpol-preload.so. This configuration still works if you do not use -bl, but the policies it yields are not as good, because abilities that could have been locked are left unlocked, so there is no reason to avoid the -bl option.
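The two configurations contrasted above, shown side by side as buildfile fragments. This is an added illustration, not text from the QNX documentation: the bootstrap layout, the procnto-smp-instr variant, the aarch64le target and the startup-<board> placeholder are assumptions, and so is the assumption that an environment variable set on the procnto line is inherited by the programs the boot script starts. Only -bl, secpol-preload.so and LD_PRELOAD come from the text above.

```text
# Recommended: start procnto with -bl so that secpolgenerate can lock every
# ability and procmgr_ability() calls against locked abilities neither fail
# nor change them. (procnto variant, target and startup name are assumed.)
[virtual=aarch64le,raw] .bootstrap = {
    startup-<board> -v
    PATH=/proc/boot LD_LIBRARY_PATH=/proc/boot procnto-smp-instr -bl -v
}

# Legacy layout for releases without -bl: procnto runs without the option and
# secpol-preload.so is preloaded into every program via LD_PRELOAD so that
# secpolgenerate can leave the abilities those programs touch unlocked.
# The resulting policies are weaker; do not use this when -bl is available.
# (Inheritance of LD_PRELOAD from the procnto line is an assumption.)
[virtual=aarch64le,raw] .bootstrap = {
    startup-<board> -v
    PATH=/proc/boot LD_LIBRARY_PATH=/proc/boot LD_PRELOAD=secpol-preload.so procnto-smp-instr -v
}
# The legacy layout also needs the library itself in the image:
secpol-preload.so
```

The only difference that matters between the two is the single -bl flag on the procnto line; once it is present, the LD_PRELOAD setting and the extra library can be dropped from the image.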