44 bool DropPreExecPrivileges(const shell_as::SecurityContext* context) {  in DropPreExecPrivileges()  argument
50   if (context->group_id.has_value() &&  in DropPreExecPrivileges()
51       setresgid(context->group_id.value(), context->group_id.value(),  in DropPreExecPrivileges()
52                 context->group_id.value()) != 0) {  in DropPreExecPrivileges()
53     std::cerr << "Unable to set group id: " << context->group_id.value()  in DropPreExecPrivileges()
57   if (context->supplementary_group_ids.has_value() &&  in DropPreExecPrivileges()
58       setgroups(context->supplementary_group_ids.value().size(),  in DropPreExecPrivileges()
59                 context->supplementary_group_ids.value().data()) != 0) {  in DropPreExecPrivileges()
64   if (context->seccomp_filter.has_value()) {  in DropPreExecPrivileges()
65     switch (context->seccomp_filter.value()) {  in DropPreExecPrivileges()
85   if (context->user_id.has_value() &&  in DropPreExecPrivileges()
86       setresuid(context->user_id.value(), context->user_id.value(),  in DropPreExecPrivileges()
87                 context->user_id.value()) != 0) {  in DropPreExecPrivileges()
88     std::cerr << "Unable to set user id: " << context->user_id.value()  in DropPreExecPrivileges()
95   if (context->capabilities.has_value()) {  in DropPreExecPrivileges()
122     cap_t desired_capabilities = context->capabilities.value();  in DropPreExecPrivileges()
299                       const shell_as::SecurityContext* context) {  in ExecuteInContext()  argument
318     if (!DropPreExecPrivileges(context)) {  in ExecuteInContext()
364     if (context->selinux_context.has_value()) {  in ExecuteInContext()
367           context->selinux_context.value(), &shell_code_size);  in ExecuteInContext()