Drop exec capability iff restricted
Nothing must be executed when running /copy, et al.master
parent
c93c56e4e5
commit
837c9efce4
7
chat.c
7
chat.c
|
@ -340,6 +340,13 @@ int main(int argc, char *argv[]) {
|
|||
fcntl(execPipe[1], F_SETFD, FD_CLOEXEC);
|
||||
}
|
||||
|
||||
#ifdef __OpenBSD__
|
||||
if (self.restricted) {
|
||||
error = pledge("stdio rpath wpath cpath tty", NULL);
|
||||
if (error) err(EX_OSERR, "pledge");
|
||||
}
|
||||
#endif
|
||||
|
||||
struct pollfd fds[] = {
|
||||
{ .events = POLLIN, .fd = STDIN_FILENO },
|
||||
{ .events = POLLIN, .fd = irc },
|
||||
|
|
Loading…
Reference in New Issue