FreeBSD: Limit rights on log directory
parent
b48d0d607c
commit
56c31ae442
14
log.c
14
log.c
|
@ -38,6 +38,10 @@
|
|||
#include <time.h>
|
||||
#include <unistd.h>
|
||||
|
||||
#ifdef __FreeBSD__
|
||||
#include <sys/capsicum.h>
|
||||
#endif
|
||||
|
||||
#include "chat.h"
|
||||
|
||||
static int logDir = -1;
|
||||
|
@ -47,6 +51,16 @@ void logOpen(void) {
|
|||
const char *path = dataMkdir("log");
|
||||
logDir = open(path, O_RDONLY | O_CLOEXEC);
|
||||
if (logDir < 0) err(EX_CANTCREAT, "%s", path);
|
||||
|
||||
#ifdef __FreeBSD__
|
||||
cap_rights_t rights;
|
||||
cap_rights_init(
|
||||
&rights, CAP_MKDIRAT, CAP_CREATE, CAP_WRITE,
|
||||
/* for fdopen(3) */ CAP_FCNTL, CAP_FSTAT
|
||||
);
|
||||
int error = cap_rights_limit(logDir, &rights);
|
||||
if (error) err(EX_OSERR, "cap_rights_limit");
|
||||
#endif
|
||||
}
|
||||
|
||||
static void logMkdir(const char *path) {
|
||||
|
|
Loading…
Reference in New Issue