def setter(self, value): bits = _prctl.prctl(_prctl.PR_GET_SECUREBITS) if value: bits |= bit else: bits &= ~(bit) _prctl.prctl(_prctl.PR_SET_SECUREBITS, bits)
def limit(self, *caps): for cap in [x for x in ALL_CAPS if x not in _parse_caps_simple(caps)]: _prctl.prctl(_prctl.PR_CAPBSET_DROP, cap)
def drop(self, *caps): for cap in _parse_caps_simple(caps): _prctl.prctl(_prctl.PR_CAPBSET_DROP, cap)
def getter(self): return bool(_prctl.prctl(_prctl.PR_GET_SECUREBITS) & (1 << bit))
def setter(self, value): if value: raise ValueError("Can only drop capabilities from the bounding set, not add new ones") _prctl.prctl(_prctl.PR_CAPBSET_DROP, cap)
def getter(self): return _prctl.prctl(_prctl.PR_CAPBSET_READ, cap)
def call_prctl(arg=0): return _prctl.prctl(option, arg)
def call_prctl(arg=None, arg2=None): if arg == None: return _prctl.prctl(option) if arg2 == None: return _prctl.prctl(option, arg) return _prctl.prctl(option, arg, arg2)