rdelaage
/
gmid
mirror of https://github.com/omar-polo/gmid.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

adjust pledge/unveil on OpenBSD 

to connect to unix-domain sockets the `unix' pledge is needed and also
unveil "w".  gmid can't mutate files because it doesn't pledge `wpath'
nor `cpath'.
This commit is contained in:
Omar Polo 2022-11-27 10:04:39 +00:00
parent 6130e0eeac
commit b24c6fcc1c
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
sandbox.c
View File

@ -611,14 +611,14 @@ sandbox_server_process(int can_open_sockets)
if (*l->dir == '\0')
continue;
if (unveil(l->dir, "r") == -1)
if (unveil(l->dir, "rw") == -1)
fatal("unveil %s for domain %s",
l->dir,
h->domain);
}
}
if (pledge("stdio recvfd rpath inet dns", NULL) == -1)
if (pledge("stdio recvfd rpath unix inet dns", NULL) == -1)
fatal("pledge");
}