Crate trippy_privilege

Crate trippy_privilege 

Source
Expand description

Discover platform privileges.

A cross-platform library to discover and manage platform privileges needed for sending ICMP packets via RAW and IPPROTO_ICMP sockets.

Privilege::acquire_privileges:

  • On Linux we check if CAP_NET_RAW is in the permitted set and if so raise it to the effective set
  • On other Unix platforms this is a no-op
  • On Windows this is a no-op

Privilege::has_privileges (obtained via Privilege::discover):

  • On Linux we check if CAP_NET_RAW is in the effective set
  • On other Unix platforms we check that the effective user is root
  • On Windows we check if the current process has an elevated token

Privilege::needs_privileges (obtained via Privilege::discover):

  • On macOS we do not always need privileges to send ICMP packets as we can use IPPROTO_ICMP sockets with the IP_HDRINCL socket option.
  • On Linux we always need privileges to send ICMP packets even though it supports the IPPROTO_ICMP socket type but not the IP_HDRINCL socket option
  • On Windows we always need privileges to send ICMP packets

Privilege::drop_privileges:

  • On Linux we clear the effective set
  • On other Unix platforms this is a no-op
  • On Windows this is a no-op

§Examples

Acquire the required privileges if we can:

let privilege = Privilege::acquire_privileges()?;
if privilege.has_privileges() {
    println!("You have the required privileges for raw sockets");
} else {
    println!("You do not have the required privileges for raw sockets");
}
if privilege.needs_privileges() {
    println!("You always need privileges to send ICMP packets.");
} else {
    println!("You do not always need privileges to send ICMP packets.");
}

Discover the current privileges:

let privilege = Privilege::discover()?;
if privilege.has_privileges() {
    println!("You have the required privileges for raw sockets");
} else {
    println!("You do not have the required privileges for raw sockets");
}
if privilege.needs_privileges() {
    println!("You always need privileges to send ICMP packets.");
} else {
    println!("You do not always need privileges to send ICMP packets.");
}

Drop all privileges:

Privilege::drop_privileges()?;

Structs§

Privilege
Run-time platform privilege information.

Enums§

Error
A privilege error.

Type Aliases§

Result
A privilege error result.