OpenBSD: Only unveil used directories

dataMkdir() already picked the appropriate directory so make it
return that such that unveilData() can go as only that one directory
needs unveiling.
Klemens Nanni 2021-06-19 14:57:00 +00:00 committed by C. McEnroe
parent e2bebca7dc
commit 3a38e36717
3 changed files with 6 additions and 14 deletions

15
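--- a/chat.c
+++ b/chat.c
@@ -127,16 +127,6 @@ static void parseHash(char *str) {
 if (*str) hashBound = strtoul(&str[1], NULL, 0);
 }
-#ifdef __OpenBSD__
-static void unveilData(const char *name) {
-const char *dirs = NULL;
-for (const char *path; NULL != (path = dataPath(&dirs, name));) {
-int error = unveil(path, "wc");
-if (error && errno != ENOENT) err(EX_CANTCREAT, "%s", path);
-}
-}
-#endif
 static volatile sig_atomic_t signals[NSIG];
 static void signalHandler(int signal) {
 signals[signal] = 1;
@@ -287,8 +277,9 @@ int main(int argc, char *argv[]) {
 #ifdef __OpenBSD__
 if (self.restricted && logEnable) {
-dataMkdir("");
-unveilData("");
+const char *logdir = dataMkdir("");
+int error = unveil(logdir, "wc");
+if (error) err(EX_OSERR, "unveil");
 }
 char promises[64] = "stdio tty";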
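Review bot: The new `err(EX_OSERR, "unveil")` in main() drops the path from the diagnostic, which the removed unveilData() reported via `err(EX_CANTCREAT, "%s", path)`; when a restricted-mode start fails, the operator cannot tell which directory was resolved. I would write `if (error) err(EX_OSERR, "unveil: %s", logdir);`. `logdir` is whatever `dataMkdir("")` resolved, presumably the data directory root, and it is now the only path granted `"wc"`, so a short comment stating that all log writes are expected to land under this one directory would make the narrowing easier to audit. main() begins and ends outside the hunk.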

2
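--- a/chat.h
+++ b/chat.h
@@ -403,7 +403,7 @@ const char *configPath(const char **dirs, const char *path);
 const char *dataPath(const char **dirs, const char *path);
 FILE *configOpen(const char *path, const char *mode);
 FILE *dataOpen(const char *path, const char *mode);
-void dataMkdir(const char *path);
+const char *dataMkdir(const char *path);
 int getopt_config(
 int argc, char *const *argv,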

3
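--- a/xdg.c
+++ b/xdg.c
@@ -114,11 +114,12 @@ FILE *configOpen(const char *path, const char *mode) {
 return NULL;
 }
-void dataMkdir(const char *path) {
+const char *dataMkdir(const char *path) {
 const char *dirs = NULL;
 path = dataPath(&dirs, path);
 int error = mkdir(path, S_IRWXU);
 if (error && errno != EEXIST) err(EX_CANTCREAT, "%s", path);
+return path;
 }
 FILE *dataOpen(const char *path, const char *mode) {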
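Review bot: dataMkdir() now hands back the pointer it received from dataPath() without documenting who owns it or how long it stays valid. dataPath() is not visible in this hunk; if it returns a pointer into a static buffer, which its `const char *` return type hints at but does not prove, the result is only good until the next dataPath() or dataOpen() call, and a caller that holds it across such a call would pass a different string to unveil(). I would add above the definition, and above the prototype in chat.h, a comment such as `// Returns the created directory; the string belongs to dataPath() and is valid only until its next call.`, with the wording confirmed against dataPath().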