From: Tracey Emery Subject: move gotweb pledge scope To: gameoftrees@openbsd.org Date: Thu, 16 Jan 2020 03:20:15 -0700 Hello, The following diff moves pledge from a single function call to each individual gotweb function. This allows for tighter control over selected promises. Ok? -- Tracey Emery diff c08369d7b2d435a4c881c980f9a7192c5f7fc61a /home/basepr1me/Documents/got/got/got blob - 969f659b425731a10dc96ef765903958e180d926 file + gotweb/TODO --- gotweb/TODO +++ gotweb/TODO @@ -11,5 +11,3 @@ TODO - Redo index header, so columns are removed when content is set to not display in gotweb.conf. - -- Move pledge to each function. Only diffing needs wpath and cpath. blob - daa235b3c518c0e7524fc9f89e2d9c4b7942cf30 file + gotweb/gotweb.c --- gotweb/gotweb.c +++ gotweb/gotweb.c @@ -267,6 +267,12 @@ gw_blame(struct gw_trans *gw_trans) char *log, *log_html; + if (pledge("stdio rpath wpath cpath proc exec sendfd unveil", + NULL) == -1) { + error = got_error_from_errno("pledge"); + return error; + } + error = gw_apply_unveil(gw_trans->gw_dir->path, NULL); if (error) return error; @@ -289,6 +295,12 @@ gw_commit(struct gw_trans *gw_trans) const struct got_error *error = NULL; char *log, *log_html; + if (pledge("stdio rpath proc exec sendfd unveil", + NULL) == -1) { + error = got_error_from_errno("pledge"); + return error; + } + error = gw_apply_unveil(gw_trans->gw_dir->path, NULL); if (error) return error; @@ -311,6 +323,12 @@ gw_commitdiff(struct gw_trans *gw_trans) const struct got_error *error = NULL; char *log, *log_html; + if (pledge("stdio rpath wpath cpath proc exec sendfd unveil", + NULL) == -1) { + error = got_error_from_errno("pledge"); + return error; + } + error = gw_apply_unveil(gw_trans->gw_dir->path, NULL); if (error) return error; @@ -335,6 +353,12 @@ gw_index(struct gw_trans *gw_trans) char *html, *navs, *next, *prev; unsigned int prev_disp = 0, next_disp = 1, dir_c = 0; + if (pledge("stdio rpath proc exec sendfd unveil", + NULL) == -1) { + error = got_error_from_errno("pledge"); + return error; + } + error = gw_apply_unveil(gw_trans->gw_conf->got_repos_path, NULL); if (error) return error; @@ -425,6 +449,12 @@ gw_log(struct gw_trans *gw_trans) const struct got_error *error = NULL; char *log, *log_html; + if (pledge("stdio rpath proc exec sendfd unveil", + NULL) == -1) { + error = got_error_from_errno("pledge"); + return error; + } + error = gw_apply_unveil(gw_trans->gw_dir->path, NULL); if (error) return error; @@ -456,6 +486,12 @@ gw_logbriefs(struct gw_trans *gw_trans) const struct got_error *error = NULL; char *log, *log_html; + if (pledge("stdio rpath proc exec sendfd unveil", + NULL) == -1) { + error = got_error_from_errno("pledge"); + return error; + } + error = gw_apply_unveil(gw_trans->gw_dir->path, NULL); if (error) return error; @@ -482,6 +518,12 @@ gw_summary(struct gw_trans *gw_trans) *cloneurl_html, *log, *log_html, *tags, *heads, *tags_html, *heads_html, *age; + if (pledge("stdio rpath proc exec sendfd unveil", + NULL) == -1) { + error = got_error_from_errno("pledge"); + return error; + } + error = gw_apply_unveil(gw_trans->gw_dir->path, NULL); if (error) return error; @@ -576,6 +618,12 @@ gw_tag(struct gw_trans *gw_trans) const struct got_error *error = NULL; char *log, *log_html; + if (pledge("stdio rpath proc exec sendfd unveil", + NULL) == -1) { + error = got_error_from_errno("pledge"); + return error; + } + error = gw_apply_unveil(gw_trans->gw_dir->path, NULL); if (error) return error; @@ -598,6 +646,12 @@ gw_tree(struct gw_trans *gw_trans) const struct got_error *error = NULL; char *log, *log_html; + if (pledge("stdio rpath proc exec sendfd unveil", + NULL) == -1) { + error = got_error_from_errno("pledge"); + return error; + } + error = gw_apply_unveil(gw_trans->gw_dir->path, NULL); if (error) return error; @@ -2651,12 +2705,6 @@ main(int argc, char *argv[]) malloc(sizeof(struct gotweb_conf))) == NULL) { gw_malloc = 0; error = got_error_from_errno("malloc"); - goto err; - } - - if (pledge("stdio rpath wpath cpath proc exec sendfd unveil", - NULL) == -1) { - error = got_error_from_errno("pledge"); goto err; }