F Parent topic: F

fchecktrust()

Updated: April 19, 2023

Determine if a file is trusted

Synopsis:

#include <sys/stat.h>

int fchecktrust( const int fd,
                 const struct stat *pstat,
                 const unsigned operation);

Arguments:

fd
The file descriptor of the open file to check.
pstat
A pointer to a struct stat buffer. Although you can specify NULL to get information about the file itself, in many cases you've already called fstat() and you can improve performance by providing the result of that call.
operation
One of the following values:
  • CHECK_TRUST_FILE — Check if the file is trusted.
  • CHECK_TRUST_EXEC — Check if a file can be executed; that is, that the file is trusted, pathtrust is NOT in use, or the caller has the untrusted_exec ability.

Library:

libc

Use the -l c option to qcc to link against this library. This library is usually included automatically.

Description:

The fchecktrust() function determines whether or not the file associated with the given file descriptor is trusted or is in a trusted filesystem.

QNX recommends that you use this function instead of fdistrusted() For example, to call the equivalent of fdistrusted(fd), call fchecktrust(fd, NULL, CHECK_TRUST_FILE).

You can use the pathtrust feature to prevent processes from executing untrusted files. See “Pathtrust” in the System Security Guide.

Returns:

EOK if the file is trusted, or errno value if an error occurred.

Errors:

EPERM
The file is not trusted or its execution is not permitted.
EBADF
The fd argument isn't a valid file descriptor.

Classification:

QNX Neutrino

Safety:  
Cancellation point No
Interrupt handler No
Signal handler Yes
Thread Yes
Related reference
fdistrusted()
mmap(), mmap64(), mmap_handle()
mprotect()
procmgr_ability()
Parent topic: F