mirror of https://github.com/omar-polo/gmid.git
adjust pledge/unveil on OpenBSD
to connect to unix-domain sockets the `unix' pledge is needed and also unveil "w". gmid can't mutate files because it doesn't pledge `wpath' nor `cpath'.
This commit is contained in:
parent
6130e0eeac
commit
b24c6fcc1c
|
@ -611,14 +611,14 @@ sandbox_server_process(int can_open_sockets)
|
|||
if (*l->dir == '\0')
|
||||
continue;
|
||||
|
||||
if (unveil(l->dir, "r") == -1)
|
||||
if (unveil(l->dir, "rw") == -1)
|
||||
fatal("unveil %s for domain %s",
|
||||
l->dir,
|
||||
h->domain);
|
||||
}
|
||||
}
|
||||
|
||||
if (pledge("stdio recvfd rpath inet dns", NULL) == -1)
|
||||
if (pledge("stdio recvfd rpath unix inet dns", NULL) == -1)
|
||||
fatal("pledge");
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in New Issue