Main Page | Alphabetical List | Data Structures | Directories | File List | Data Fields | Globals | Search for 
daten / src / rsbac / linux-2.4.31-rsbac-v1.2.4 / rsbac / adf / cap

cap_main.c

Go to the documentation of this file.
00001 /**************************************************** */
00002 /* Rule Set Based Access Control                      */
00003 /* Implementation of the Access Control Decision      */
00004 /* Facility (ADF) - Linux Capabilities (CAP)          */
00005 /* File: rsbac/adf/cap/main.c                         */
00006 /*                                                    */
00007 /* Author and (c) 1999-2005: Amon Ott <ao@rsbac.org>  */
00008 /*                                                    */
00009 /* Last modified: 24/Jan/2005                         */
00010 /**************************************************** */
00011 
00012 #include <linux/string.h>
00013 #include <rsbac/types.h>
00014 #include <rsbac/aci.h>
00015 #include <rsbac/adf_main.h>
00016 #include <rsbac/error.h>
00017 #include <rsbac/helpers.h>
00018 #include <rsbac/getname.h>
00019 #include <rsbac/debug.h>
00020 
00021 /************************************************* */
00022 /*           Global Variables                      */
00023 /************************************************* */
00024 
00025 /************************************************* */
00026 /*          Internal Help functions                */
00027 /************************************************* */
00028 
00029 /************************************************* */
00030 /*          Externally visible functions           */
00031 /************************************************* */
00032 
00033 enum rsbac_adf_req_ret_t
00034    rsbac_adf_request_cap (enum  rsbac_adf_request_t     request,
00035                                 rsbac_pid_t             caller_pid,
00036                           enum  rsbac_target_t          target,
00037                           union rsbac_target_id_t       tid,
00038                           enum  rsbac_attribute_t       attr,
00039                           union rsbac_attribute_value_t attr_val,
00040                                 rsbac_uid_t             owner)
00041   {
00042     union rsbac_target_id_t       i_tid;
00043     union rsbac_attribute_value_t i_attr_val1;
00044 
00045     switch (request)
00046       {
00047         case R_MODIFY_ATTRIBUTE:
00048             switch(attr)
00049               {
00050                 case A_system_role:
00051                 case A_cap_role:
00052                 case A_min_caps:
00053                 case A_max_caps:
00054                 case A_cap_process_hiding:
00055                 #ifdef CONFIG_RSBAC_CAP_AUTH_PROT
00056                 case A_auth_may_setuid:
00057                 case A_auth_may_set_cap:
00058                 case A_auth_start_uid:
00059                 case A_auth_program_file:
00060                 case A_auth_learn:
00061                 case A_auth_add_f_cap:
00062                 case A_auth_remove_f_cap:
00063                 #endif
00064                 /* All attributes (remove target!) */
00065                 case A_none:
00066                   /* Security Officer? */
00067                   i_tid.user = owner;
00068                   if (rsbac_get_attr(CAP,
00069                                      T_USER,
00070                                      i_tid,
00071                                      A_cap_role,
00072                                      &i_attr_val1,
00073                                      TRUE))
00074                     {
00075                       rsbac_ds_get_error("rsbac_adf_request_cap()", A_cap_role);
00076                       return(NOT_GRANTED);
00077                     }
00078                   /* if sec_officer, then grant */
00079                   if (i_attr_val1.system_role == SR_security_officer)
00080                     return(GRANTED);
00081                   else
00082                     return(NOT_GRANTED);
00083 
00084                 default:
00085                   return(DO_NOT_CARE);
00086               }
00087 
00088         case R_READ_ATTRIBUTE:
00089             switch(attr)
00090               {
00091                 case A_system_role:
00092                 case A_cap_role:
00093                 case A_min_caps:
00094                 case A_max_caps:
00095                 case A_cap_process_hiding:
00096                 /* All attributes (remove target!) */
00097                 case A_none:
00098                   /* Security Officer or Admin? */
00099                   i_tid.user = owner;
00100                   if (rsbac_get_attr(CAP,
00101                                      T_USER,
00102                                      i_tid,
00103                                      A_cap_role,
00104                                      &i_attr_val1,
00105                                      TRUE))
00106                     {
00107                       rsbac_ds_get_error("rsbac_adf_request_cap()", A_cap_role);
00108                       return(NOT_GRANTED);
00109                     }
00110                   /* if sec_officer, then grant */
00111                   if(   (i_attr_val1.system_role == SR_security_officer)
00112                      || (i_attr_val1.system_role == SR_administrator)
00113                     )
00114                     return(GRANTED);
00115                   else
00116                     return(NOT_GRANTED);
00117 
00118                 default:
00119                   return(DO_NOT_CARE);
00120               }
00121 
00122         case R_SWITCH_LOG:
00123             switch(target)
00124               {
00125                 case T_NONE:
00126                   /* test owner's cap_role */
00127                   i_tid.user = owner;
00128                   if (rsbac_get_attr(CAP,
00129                                      T_USER,
00130                                      i_tid,
00131                                      A_cap_role,
00132                                      &i_attr_val1,
00133                                      TRUE))
00134                     {
00135                       rsbac_ds_get_error("rsbac_adf_request_cap()", A_cap_role);
00136                       return(NOT_GRANTED);
00137                     }
00138                   /* security officer? -> grant  */
00139                   if (i_attr_val1.system_role == SR_security_officer)
00140                     return(GRANTED);
00141                   else
00142                     return(NOT_GRANTED);
00143 
00144                 /* all other cases are unknown */
00145                 default: return(DO_NOT_CARE);
00146               }
00147 
00148         case R_SWITCH_MODULE:
00149             switch(target)
00150               {
00151                 case T_NONE:
00152                   /* we need the switch_target */
00153                   if(attr != A_switch_target)
00154                     return(UNDEFINED);
00155                   /* do not care for other modules */
00156                   if(   (attr_val.switch_target != CAP)
00157                      #ifdef CONFIG_RSBAC_CAP_AUTH_PROT
00158                      && (attr_val.switch_target != AUTH)
00159                      #endif
00160                      #ifdef CONFIG_RSBAC_SOFTMODE
00161                      && (attr_val.switch_target != SOFTMODE)
00162                      #endif
00163                      #ifdef CONFIG_RSBAC_FREEZE
00164                      && (attr_val.switch_target != FREEZE)
00165                      #endif
00166                     )
00167                     return(DO_NOT_CARE);
00168                   /* test owner's cap_role */
00169                   i_tid.user = owner;
00170                   if (rsbac_get_attr(CAP,
00171                                      T_USER,
00172                                      i_tid,
00173                                      A_cap_role,
00174                                      &i_attr_val1,
00175                                      TRUE))
00176                     {
00177                       rsbac_ds_get_error("rsbac_adf_request_cap()", A_cap_role);
00178                       return(NOT_GRANTED);
00179                     }
00180                   /* security officer? -> grant  */
00181                   if (i_attr_val1.system_role == SR_security_officer)
00182                     return(GRANTED);
00183                   else
00184                     return(NOT_GRANTED);
00185 
00186                 /* all other cases are unknown */
00187                 default: return(DO_NOT_CARE);
00188               }
00189 
00190 #ifdef CONFIG_RSBAC_CAP_PROC_HIDE
00191         case R_CHANGE_GROUP:
00192         case R_GET_STATUS_DATA:
00193         case R_SEND_SIGNAL:
00194         case R_TRACE:
00195           switch(target)
00196             {
00197               case T_PROCESS:
00198                 if(caller_pid == tid.process)
00199                   return GRANTED;
00200                 if (rsbac_get_attr(CAP,
00201                                    target,
00202                                    tid,
00203                                    A_cap_process_hiding,
00204                                    &i_attr_val1,
00205                                    TRUE))
00206                   {
00207                     rsbac_ds_get_error("rsbac_adf_request_cap()", A_cap_process_hiding);
00208                     return(NOT_GRANTED);  /* something weird happened */
00209                   }
00210                 switch(i_attr_val1.cap_process_hiding)
00211                   {
00212                     case PH_full:
00213                         /* Security Officer or Admin? */
00214                         i_tid.user = owner;
00215                         if (rsbac_get_attr(CAP,
00216                                            T_USER,
00217                                            i_tid,
00218                                            A_cap_role,
00219                                            &i_attr_val1,
00220                                            TRUE))
00221                           {
00222                             rsbac_ds_get_error("rsbac_adf_request_cap()", A_cap_role);
00223                             return(NOT_GRANTED);
00224                           }
00225                         /* if sec_officer, then grant */
00226                         if(i_attr_val1.system_role == SR_security_officer)
00227                           return(GRANTED);
00228                         else
00229                           return(NOT_GRANTED);
00230                     case PH_from_other_users:
00231                       {
00232                         struct task_struct * task_p;
00233                         enum rsbac_adf_req_ret_t result;
00234 
00235                         read_lock(&tasklist_lock);
00236                         task_p = find_task_by_pid(tid.process);
00237                         if(   task_p
00238                            && (task_p->uid != owner)
00239                           )
00240                           result = NOT_GRANTED;
00241                         else
00242                           result = GRANTED;
00243                         read_unlock(&tasklist_lock);
00244                         if(result == GRANTED)
00245                           return GRANTED;
00246                         /* Security Officer or Admin? */
00247                         i_tid.user = owner;
00248                         if (rsbac_get_attr(CAP,
00249                                            T_USER,
00250                                            i_tid,
00251                                            A_cap_role,
00252                                            &i_attr_val1,
00253                                            TRUE))
00254                           {
00255                             rsbac_ds_get_error("rsbac_adf_request_cap()", A_cap_role);
00256                             return(NOT_GRANTED);
00257                           }
00258                         /* if sec_officer or admin, then grant */
00259                         if(   (i_attr_val1.system_role == SR_security_officer)
00260                            || (i_attr_val1.system_role == SR_administrator)
00261                           )
00262                           return(GRANTED);
00263                         else
00264                           return(NOT_GRANTED);
00265                       }
00266                     default:
00267                       return DO_NOT_CARE;
00268                   }
00269 
00270               default:
00271                 return DO_NOT_CARE;
00272             }
00273 #endif
00274 
00275 /*********************/
00276         default: return DO_NOT_CARE;
00277       }
00278 
00279     return(DO_NOT_CARE);
00280   }; /* end of rsbac_adf_request_cap() */
00281 
00282 
00283 /*****************************************************************************/
00284 /* If the request returned granted and the operation is performed,           */
00285 /* the following function can be called by the AEF to get all aci set        */
00286 /* correctly. For write accesses that are performed fully within the kernel, */
00287 /* this is usually not done to prevent extra calls, including R_CLOSE for    */
00288 /* cleaning up.                                                              */
00289 /* The second instance of target specification is the new target, if one has */
00290 /* been created, otherwise its values are ignored.                           */
00291 /* On success, 0 is returned, and an error from rsbac/error.h otherwise.     */
00292 
00293 int  rsbac_adf_set_attr_cap(
00294                       enum  rsbac_adf_request_t     request,
00295                             rsbac_pid_t             caller_pid,
00296                       enum  rsbac_target_t          target,
00297                       union rsbac_target_id_t       tid,
00298                       enum  rsbac_target_t          new_target,
00299                       union rsbac_target_id_t       new_tid,
00300                       enum  rsbac_attribute_t       attr,
00301                       union rsbac_attribute_value_t attr_val,
00302                             rsbac_uid_t             owner)
00303   {
00304     union rsbac_target_id_t       i_tid;
00305     union rsbac_attribute_value_t i_attr_val1;
00306 
00307     switch (request)
00308       {
00309         case R_CHANGE_OWNER:
00310             switch(target)
00311               {
00312                 case T_PROCESS:
00313                   if(attr != A_owner)
00314                     return(-RSBAC_EINVALIDATTR);
00315                   /* Adjust Linux caps */
00316                   i_tid.user = attr_val.owner;
00317                   if (rsbac_get_attr(CAP,
00318                                      T_USER,
00319                                      i_tid,
00320                                      A_max_caps,
00321                                      &i_attr_val1,
00322                                      FALSE))
00323                     {
00324                       rsbac_ds_get_error("rsbac_adf_set_attr_cap()", A_max_caps);
00325                     }
00326                   else
00327                     {
00328                       #ifdef CONFIG_RSBAC_SOFTMODE
00329                       if(   rsbac_softmode
00330                       #ifdef CONFIG_RSBAC_SOFTMODE_IND
00331                          || rsbac_ind_softmode[CAP]
00332                       #endif
00333                         )
00334                         { /* Warn */
00335                           if(i_attr_val1.max_caps != RSBAC_CAP_DEFAULT_MAX)
00336                             {
00337 #ifdef CONFIG_RSBAC_RMSG
00338                               rsbac_printk(KERN_NOTICE
00339                                            "rsbac_adf_set_attr_cap(): running in softmode, max_caps of user %u not applied to process %u(%.15s)!\n",
00340                                            owner,
00341                                            caller_pid,
00342                                            current->comm);
00343 #endif
00344 #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG
00345                               if (!rsbac_nosyslog)
00346 #endif
00347                               printk(KERN_NOTICE
00348                                      "rsbac_adf_set_attr_cap(): running in softmode, max_caps of user %u not applied to process %u(%.15s)!\n",
00349                                      owner,
00350                                      caller_pid,
00351                                      current->comm);
00352                             }
00353                         }
00354                       else
00355                       #endif
00356                         {
00357                           extern spinlock_t task_capability_lock;
00358 
00359                           /* set caps for process */
00360                           spin_lock(&task_capability_lock);
00361                           current->cap_permitted &= i_attr_val1.max_caps;
00362                           current->cap_effective &= i_attr_val1.max_caps;
00363                           current->cap_inheritable &= i_attr_val1.max_caps;
00364                           spin_unlock(&task_capability_lock);
00365 
00366 #ifdef CONFIG_RSBAC_CAP_LOG_MISSING
00367                           /* set max_caps_user for process */
00368                           if (rsbac_set_attr(CAP,
00369                                              target,
00370                                              tid,
00371                                              A_max_caps_user,
00372                                              i_attr_val1))
00373                             {
00374                               rsbac_ds_set_error("rsbac_adf_set_attr_cap()", A_max_caps_user);
00375                             }
00376 #endif
00377                         }
00378                     }
00379                   if (rsbac_get_attr(CAP,
00380                                      T_USER,
00381                                      i_tid,
00382                                      A_min_caps,
00383                                      &i_attr_val1,
00384                                      FALSE))
00385                     {
00386                       rsbac_ds_get_error("rsbac_adf_set_attr_cap()", A_min_caps);
00387                     }
00388                   else
00389                     {
00390                       extern spinlock_t task_capability_lock;
00391 
00392                       /* set caps for process */
00393                       spin_lock(&task_capability_lock);
00394                       current->cap_permitted |= i_attr_val1.min_caps;
00395                       current->cap_effective |= i_attr_val1.min_caps;
00396                       current->cap_inheritable |= i_attr_val1.min_caps;
00397                       spin_unlock(&task_capability_lock);
00398                     }
00399                   return 0;
00400 
00401                 /* all other cases are unknown */
00402                 default:
00403                   return(0);
00404               }
00405             break;
00406 
00407 #if defined (CONFIG_RSBAC_CAP_PROC_HIDE) || defined(CONFIG_RSBAC_CAP_LOG_MISSING)
00408         case R_CLONE:
00409             switch(target)
00410               {
00411                 case T_PROCESS:
00412 #ifdef CONFIG_RSBAC_CAP_PROC_HIDE
00413                   /* get process hiding from old process */
00414                   if (rsbac_get_attr(CAP,
00415                                      target,
00416                                      tid,
00417                                      A_cap_process_hiding,
00418                                      &i_attr_val1,
00419                                      FALSE))
00420                     {
00421                       rsbac_ds_get_error("rsbac_adf_set_attr_cap()", A_cap_process_hiding);
00422                     }
00423                   else
00424                     { /* only set, of not default value 0 */
00425                       if(i_attr_val1.cap_process_hiding)
00426                         {
00427                           /* set program based log for new process */
00428                           if (rsbac_set_attr(CAP,
00429                                              new_target,
00430                                              new_tid,
00431                                              A_cap_process_hiding,
00432                                              i_attr_val1))
00433                             {
00434                               rsbac_ds_set_error("rsbac_adf_set_attr_cap()", A_cap_process_hiding);
00435                             }
00436                         }
00437                     }
00438 #endif
00439 #ifdef CONFIG_RSBAC_CAP_LOG_MISSING
00440                   /* get max_caps_user from old process */
00441                   if (rsbac_get_attr(CAP,
00442                                      target,
00443                                      tid,
00444                                      A_max_caps_user,
00445                                      &i_attr_val1,
00446                                      FALSE))
00447                     {
00448                       rsbac_ds_get_error("rsbac_adf_set_attr_cap():CLONE", A_max_caps_user);
00449                     }
00450                   else
00451                     { /* only set, of not default value */
00452                       if(i_attr_val1.max_caps_user != RSBAC_CAP_DEFAULT_MAX)
00453                         {
00454                           if (rsbac_set_attr(CAP,
00455                                              new_target,
00456                                              new_tid,
00457                                              A_max_caps_user,
00458                                              i_attr_val1))
00459                             {
00460                               rsbac_ds_set_error("rsbac_adf_set_attr_cap():CLONE", A_max_caps_user);
00461                             }
00462                         }
00463                     }
00464                   /* get max_caps_program from old process */
00465                   if (rsbac_get_attr(CAP,
00466                                      target,
00467                                      tid,
00468                                      A_max_caps_program,
00469                                      &i_attr_val1,
00470                                      FALSE))
00471                     {
00472                       rsbac_ds_get_error("rsbac_adf_set_attr_cap():CLONE", A_max_caps_program);
00473                     }
00474                   else
00475                     { /* only set, of not default value */
00476                       if(i_attr_val1.max_caps_program != RSBAC_CAP_DEFAULT_MAX)
00477                         {
00478                           if (rsbac_set_attr(CAP,
00479                                              new_target,
00480                                              new_tid,
00481                                              A_max_caps_program,
00482                                              i_attr_val1))
00483                             {
00484                               rsbac_ds_set_error("rsbac_adf_set_attr_cap():CLONE", A_max_caps_program);
00485                             }
00486                         }
00487                     }
00488 #endif
00489                   return 0;
00490 
00491                 /* all other cases are unknown */
00492                 default:
00493                   return(0);
00494               }
00495 #endif /* PROC_HIDE || LOG_MISSING */
00496 
00497         case R_EXECUTE:
00498             switch(target)
00499               {
00500                 case T_FILE:
00501                   /* Adjust Linux caps - first user, then program based */
00502                   /* User must be redone, because caps are cleared by Linux kernel */
00503                   i_tid.user = owner;
00504                   if (rsbac_get_attr(CAP,
00505                                      T_USER,
00506                                      i_tid,
00507                                      A_max_caps,
00508                                      &i_attr_val1,
00509                                      FALSE))
00510                     {
00511                       rsbac_ds_get_error("rsbac_adf_set_attr_cap()", A_max_caps);
00512                     }
00513                   else
00514                     {
00515                       #ifdef CONFIG_RSBAC_SOFTMODE
00516                       if(   rsbac_softmode
00517                       #ifdef CONFIG_RSBAC_SOFTMODE_IND
00518                          || rsbac_ind_softmode[CAP]
00519                       #endif
00520                         )
00521                         { /* Warn */
00522                           if(i_attr_val1.max_caps != RSBAC_CAP_DEFAULT_MAX)
00523                             {
00524 #ifdef CONFIG_RSBAC_RMSG
00525                               rsbac_printk(KERN_NOTICE
00526                                            "rsbac_adf_set_attr_cap(): running in softmode, max_caps of user %u not applied to process %u(%.15s)!\n",
00527                                            owner,
00528                                            caller_pid,
00529                                            current->comm);
00530 #endif
00531 #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG
00532                               if (!rsbac_nosyslog)
00533 #endif
00534                               printk(KERN_NOTICE
00535                                      "rsbac_adf_set_attr_cap(): running in softmode, max_caps of user %u not applied to process %u(%.15s)!\n",
00536                                      owner,
00537                                      caller_pid,
00538                                      current->comm);
00539                             }
00540                         }
00541                       else
00542                       #endif
00543                         {
00544                           extern spinlock_t task_capability_lock;
00545 
00546                           /* set caps for process */
00547                           spin_lock(&task_capability_lock);
00548                           current->cap_permitted &= i_attr_val1.max_caps;
00549                           current->cap_effective &= i_attr_val1.max_caps;
00550                           current->cap_inheritable &= i_attr_val1.max_caps;
00551                           spin_unlock(&task_capability_lock);
00552                         }
00553                     }
00554                   if (rsbac_get_attr(CAP,
00555                                      T_USER,
00556                                      i_tid,
00557                                      A_min_caps,
00558                                      &i_attr_val1,
00559                                      FALSE))
00560                     {
00561                       rsbac_ds_get_error("rsbac_adf_set_attr_cap()", A_min_caps);
00562                     }
00563                   else
00564                     {
00565                       extern spinlock_t task_capability_lock;
00566 
00567                       /* set caps for process */
00568                       spin_lock(&task_capability_lock);
00569                       current->cap_permitted |= i_attr_val1.min_caps;
00570                       current->cap_effective |= i_attr_val1.min_caps;
00571                       current->cap_inheritable |= i_attr_val1.min_caps;
00572                       spin_unlock(&task_capability_lock);
00573                     }
00574                   if (rsbac_get_attr(CAP,
00575                                      target,
00576                                      tid,
00577                                      A_max_caps,
00578                                      &i_attr_val1,
00579                                      FALSE))
00580                     {
00581                       rsbac_ds_get_error("rsbac_adf_set_attr_cap()", A_max_caps);
00582                     }
00583                   else
00584                     {
00585                       #ifdef CONFIG_RSBAC_SOFTMODE
00586                       if(   rsbac_softmode
00587                       #ifdef CONFIG_RSBAC_SOFTMODE_IND
00588                          || rsbac_ind_softmode[CAP]
00589                       #endif
00590                         )
00591                         { /* Warn */
00592                           if(i_attr_val1.max_caps != RSBAC_CAP_DEFAULT_MAX)
00593                             {
00594 #ifdef CONFIG_RSBAC_RMSG
00595                               rsbac_printk(KERN_NOTICE
00596                                            "rsbac_adf_set_attr_cap(): running in softmode, max_caps of program not applied to process %u(%.15s)!\n",
00597                                            caller_pid,
00598                                            current->comm);
00599 #endif
00600 #ifdef CONFIG_RSBAC_RMSG_NOSYSLOG
00601                               if (!rsbac_nosyslog)
00602 #endif
00603                               printk(KERN_NOTICE
00604                                      "rsbac_adf_set_attr_cap(): running in softmode, max_caps of program not applied to process %u(%.15s)!\n",
00605                                      caller_pid,
00606                                      current->comm);
00607                             }
00608                         }
00609                       else
00610                       #endif
00611                         {
00612                           extern spinlock_t task_capability_lock;
00613 
00614                           /* set caps for process */
00615                           spin_lock(&task_capability_lock);
00616                           current->cap_permitted &= i_attr_val1.max_caps;
00617                           current->cap_effective &= i_attr_val1.max_caps;
00618                           current->cap_inheritable &= i_attr_val1.max_caps;
00619                           spin_unlock(&task_capability_lock);
00620 
00621 #ifdef CONFIG_RSBAC_CAP_LOG_MISSING
00622                           i_tid.process = caller_pid;
00623                           /* set max_caps_program for process */
00624                           if (rsbac_set_attr(CAP,
00625                                              T_PROCESS,
00626                                              i_tid,
00627                                              A_max_caps_program,
00628                                              i_attr_val1))
00629                             {
00630                               rsbac_ds_set_error("rsbac_adf_set_attr_cap():EXECUTE", A_max_caps_program);
00631                             }
00632 #endif
00633                         }
00634                     }
00635                   if (rsbac_get_attr(CAP,
00636                                      target,
00637                                      tid,
00638                                      A_min_caps,
00639                                      &i_attr_val1,
00640                                      FALSE))
00641                     {
00642                       rsbac_ds_get_error("rsbac_adf_set_attr_cap()", A_min_caps);
00643                     }
00644                   else
00645                     {
00646                       extern spinlock_t task_capability_lock;
00647 
00648                       /* set caps for process */
00649                       spin_lock(&task_capability_lock);
00650                       current->cap_permitted |= i_attr_val1.min_caps;
00651                       current->cap_effective |= i_attr_val1.min_caps;
00652                       current->cap_inheritable |= i_attr_val1.min_caps;
00653                       spin_unlock(&task_capability_lock);
00654                     }
00655                   return 0;
00656 
00657                 /* all other cases are unknown */
00658                 default:
00659                   return(0);
00660               }
00661             break;
00662 
00663 /*********************/
00664         default: return(0);
00665       }
00666 
00667     return(0);
00668   } /* end of rsbac_adf_set_attr_cap() */
00669 
00670 /* end of rsbac/adf/cap/main.c */
Generated on Fri Jun 17 09:45:19 2005 for RSBAC by  doxygen 1.4.2