Browse Source

ZyklonB, kike: Use pledge(2) in OpenBSD

degesch has something like "stdio wpath cpath inet tty proc exec"
but given that it's user-extensible and very annoying for users to
have it crash, I'm leaving it unrestricted for now.
tags/v0.9.4
Přemysl Janouch 3 years ago
parent
commit
695d615225
2 changed files with 12 additions and 0 deletions
  1. +6
    -0
      kike.c
  2. +6
    -0
      zyklonb.c

+ 6
- 0
kike.c View File

@@ -4076,6 +4076,12 @@ main (int argc, char *argv[])
else if (!irc_lock_pid_file (&ctx, &e))
exit_fatal ("%s", e->message);

#if OpenBSD >= 201605
// This won't be as simple once we decide to implement REHASH
if (pledge ("stdio inet dns", NULL))
exit_fatal ("%s: %s", "pledge", strerror (errno));
#endif

ctx.polling = true;
while (ctx.polling)
poller_run (&ctx.poller);

+ 6
- 0
zyklonb.c View File

@@ -2023,6 +2023,12 @@ main (int argc, char *argv[])
ctx.signal_event.user_data = &ctx;
poller_fd_set (&ctx.signal_event, POLLIN);

#if OpenBSD >= 201605
// cpath is for creating the plugin home directory
if (pledge ("stdio rpath cpath inet proc exec", NULL))
exit_fatal ("%s: %s", "pledge", strerror (errno));
#endif

plugin_load_all_from_config (&ctx);
if (!parse_config (&ctx, &e)
|| !irc_connect (&ctx, &e))

Loading…
Cancel
Save