bx
/
catgirl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

OpenBSD: merge unveil and pledge logic a bit 

This reads somewhat clearer as code is grouped by features instead of
security mechanisms by simply merging identical tests/conditions.

No functional change.
weechat-hashes
Klemens Nanni 2021-06-29 00:03:00 +00:00 committed by C. McEnroe
parent 7793ca36bb
commit 5bfba6df52
1 changed files with 5 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
chat.c
View File

@ -282,24 +282,23 @@ int main(int argc, char *argv[]) {
}
#ifdef __OpenBSD__
char promises[64] = "stdio tty";
char *ptr = &promises[strlen(promises)], *end = &promises[sizeof(promises)];
if (log) {
const char *logdir = dataMkdir("log");
int error = unveil(logdir, "wc");
if (error) err(EX_OSERR, "unveil");
ptr = seprintf(ptr, end, " wpath cpath");
}
if (!self.restricted) {
int error = unveil("/", "x");
if (error) err(EX_OSERR, "unveil");
ptr = seprintf(ptr, end, " proc exec");
}
char promises[64] = "stdio tty";
char *ptr = &promises[strlen(promises)], *end = &promises[sizeof(promises)];
if (log) ptr = seprintf(ptr, end, " wpath cpath");
if (!self.restricted) ptr = seprintf(ptr, end, " proc exec");
char *promisesInitial = ptr;
ptr = seprintf(ptr, end, " inet dns");
int error = pledge(promises, NULL);
if (error) err(EX_OSERR, "pledge");