Download raw body.
gotd auth unveil
On 2023/01/02 18:59:21 +0100, Omar Polo <op@omarpolo.com> wrote: > On 2022/12/30 19:18:55 +0000, Klemens Nanni <kn@openbsd.org> wrote: > > Why not simply do the stub unveil here: > > > > unveil("/", ""); > > > > Then you can leave the promises unchanged, since pleding without > > "unveil" immediately after your last unveil is equivalent to > > unveil(NULL, NULL), no? > > (sorry for the late reply) > > Yes, it is, and I'd agree it's cleaner. > > However, in other parts of got you'd find this "pattern" of doing > pledge("... unveil") and then apply_unveil() to lock it. (see > got/got.c and tog/tog.c for example), so this is consistent with the > rest of the codebase. ah, and this also ensures that unveil is used even in PROFILE builds (that disable pledge().) Not a great deal tho, those builds are just for profiling and not regular use.
gotd auth unveil