mirror of https://github.com/leahneukirchen/mblaze
pledge(2) all programs
All programs except mshow have a very tight set of promises. mshow
has a broad set of promises and might be a good future candidate
to further restrict using unveil(2).
This patch is based on commit 0300a112
by Alex Holst (dated
2017-12-07), which was proposed in GH PR #79.
* pledged mpick, mflow and mdate so that now all programs are pledged
* removed some unneeded promises and added some missing promises
* move err.h include and OpenBSD ifdef into a new xpledge.h
* cleaned up code aligning and whitespace
pull/179/head
parent
6649576fda
commit
59137944e4
@ -0,0 +1,26 @@
|
||||
#ifndef PLEDGE_H
|
||||
#define PLEDGE_H
|
||||
|
||||
#ifdef __OpenBSD__
|
||||
|
||||
#ifndef _BSD_SOURCE
|
||||
#define _BSD_SOURCE
|
||||
#endif
|
||||
|
||||
#include <err.h>
|
||||
#include <unistd.h>
|
||||
|
||||
static void
|
||||
xpledge(const char *promises, const char *execpromises)
|
||||
{
|
||||
if (pledge(promises, execpromises) == -1)
|
||||
err(1, "pledge");
|
||||
}
|
||||
|
||||
#endif /* __OpenBSD__ */
|
||||
|
||||
#elif
|
||||
|
||||
#define xpledge(promises, execpromises)) 0
|
||||
|
||||
#endif /* PLEDGE_H */
|
Loading…
Reference in New Issue