authorHiltjo Posthuma <hiltjo@codemadness.org>2021-01-01 22:38:10 +0100
committerHiltjo Posthuma <hiltjo@codemadness.org>2021-01-01 22:59:14 +0100
commitaec6b5c35ac33736e6b94e1a613666fe19ebb2d4 (patch)
treec91cac03203a5c8132d18c84a4d904c2f53a46a7
parente09c96a75edf81b3d219223b6d3564ad7df10004 (diff)
sfeed_gopher: tighten filesystem permissions on OpenBSD using unveil(2)
sfeed_gopher must be able to write in the current directory, but does not need write permissions outside it. It could read from any place in the filesystem (to read feed files). Prompted by a suggestion from vejetaryenvampir, thanks!
-rw-r--r--sfeed_gopher.c13
-rw-r--r--util.h1
2 files changed, 12 insertions, 2 deletions
diff --git a/sfeed_gopher.c b/sfeed_gopher.c
index 0d5b0c9..69b15f6 100644
--- a/sfeed_gopher.c
+++ b/sfeed_gopher.c
@@ -112,8 +112,17 @@ main(int argc, char *argv[])
char *name, *p, path[PATH_MAX + 1];
int i, r;
- if (pledge(argc == 1 ? "stdio" : "stdio rpath wpath cpath", NULL) == -1)
- err(1, "pledge");
+ if (argc == 1) {
+ if (pledge("stdio", NULL) == -1)
+ err(1, "pledge");
+ } else {
+ if (unveil("/", "r") == -1)
+ err(1, "unveil");
+ if (unveil(".", "rwc") == -1)
+ err(1, "unveil");
+ if (pledge("stdio rpath wpath cpath", NULL) == -1)
+ err(1, "pledge");
+ }
if ((comparetime = time(NULL)) == -1)
err(1, "time");
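Review bot: `unveil("/", "r")` in the else branch keeps every path on the filesystem readable, so the change confines writes and creates to the current directory but does not narrow what the process can read. If the only files opened for reading are the feed files named in argv (main continues outside this hunk, so that is inferred from the commit message), the read side could be unveiled per argument instead: `for (i = 1; i < argc; i++) if (unveil(argv[i], "r") == -1) err(1, "unveil: %s", argv[i]);`. Before adopting that, check how a more specific read-only entry interacts with `unveil(".", "rwc")` when a feed file lives in the current directory. A one-line comment above the final pledge call would also help, e.g. `/* no "unveil" promise: the unveil list is locked from here on */`.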
diff --git a/util.h b/util.h
index bdd5664..bc6e52f 100644
--- a/util.h
+++ b/util.h
@@ -6,6 +6,7 @@
#include <unistd.h>
#else
#define pledge(p1,p2) 0
+#define unveil(p1,p2) 0
#endif
#undef strlcat