commit aec6b5c35ac33736e6b94e1a613666fe19ebb2d4
parent e09c96a75edf81b3d219223b6d3564ad7df10004
Author: Hiltjo Posthuma <hiltjo@codemadness.org>
Date: Fri, 1 Jan 2021 22:38:10 +0100
sfeed_gopher: tighten filesystem permissions on OpenBSD using unveil(2)
sfeed_gopher must be able to write in the current directory, but does not need
write permissions outside it. It may need to read from anywhere in the filesystem
(to read feed files).
Prompted by a suggestion from vejetaryenvampir, thanks!
Diffstat:
2 files changed, 12 insertions(+), 2 deletions(-)
diff --git a/sfeed_gopher.c b/sfeed_gopher.c
@@ -112,8 +112,17 @@ main(int argc, char *argv[])
char *name, *p, path[PATH_MAX + 1];
int i, r;
- if (pledge(argc == 1 ? "stdio" : "stdio rpath wpath cpath", NULL) == -1)
- err(1, "pledge");
+ if (argc == 1) {
+ if (pledge("stdio", NULL) == -1)
+ err(1, "pledge");
+ } else {
+ if (unveil("/", "r") == -1)
+ err(1, "unveil");
+ if (unveil(".", "rwc") == -1)
+ err(1, "unveil");
+ if (pledge("stdio rpath wpath cpath", NULL) == -1)
+ err(1, "pledge");
+ }
if ((comparetime = time(NULL)) == -1)
err(1, "time");
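Review bot: The unveil set is never locked with an explicit `unveil(NULL, NULL)` after the two unveil calls; this works only because the pledge() that follows omits the "unveil" promise, which prevents further unveil calls, but that dependency is implicit and easy to break if someone later adds "unveil" to the promise string. A one-line comment would make it explicit: `/* no unveil(NULL, NULL) needed: the pledge below lacks the "unveil" promise, which locks the unveil set */`. The two `err(1, "unveil")` calls are also indistinguishable when they fire; `err(1, "unveil /")` and `err(1, "unveil .")` would say which path could not be unveiled. main() starts and ends outside the hunk.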
diff --git a/util.h b/util.h
@@ -6,6 +6,7 @@
#include <unistd.h>
#else
#define pledge(p1,p2) 0
+#define unveil(p1,p2) 0
#endif
#undef strlcat