mirror of https://github.com/leahneukirchen/mblaze
pledge(2) all programs
All programs except mshow have a very tight set of promises. mshow
has a broad set of promises and might be a good future candidate
to further restrict using unveil(2).
This patch is based on commit 0300a112
by Alex Holst (dated
2017-12-07), which was proposed in GH PR #79.
* pledged mpick, mflow and mdate so that now all programs are pledged
* removed some unneeded promises and added some missing promises
* move err.h include and OpenBSD ifdef into a new xpledge.h
* cleaned up code aligning and whitespace
Closes: #179 [via git-merge-pr]
pull/185/head
parent
6bd687bfdc
commit
4763032430
@ -0,0 +1,26 @@
|
|||||||
|
#ifndef PLEDGE_H
|
||||||
|
#define PLEDGE_H
|
||||||
|
|
||||||
|
#ifdef __OpenBSD__
|
||||||
|
|
||||||
|
#ifndef _BSD_SOURCE
|
||||||
|
#define _BSD_SOURCE
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#include <err.h>
|
||||||
|
#include <unistd.h>
|
||||||
|
|
||||||
|
static void
|
||||||
|
xpledge(const char *promises, const char *execpromises)
|
||||||
|
{
|
||||||
|
if (pledge(promises, execpromises) == -1)
|
||||||
|
err(1, "pledge");
|
||||||
|
}
|
||||||
|
|
||||||
|
#else
|
||||||
|
|
||||||
|
#define xpledge(promises, execpromises) do { } while(0)
|
||||||
|
|
||||||
|
#endif /* __OpenBSD__ */
|
||||||
|
|
||||||
|
#endif /* PLEDGE_H */
|
Loading…
Reference in New Issue