version 1.46, 2019/09/14 17:47:00 |
version 1.47, 2021/07/12 15:09:19 |
|
|
display(tempname, dfd, pw); |
display(tempname, dfd, pw); |
|
|
if (unveil(_PATH_BSHELL, "x") == -1) |
if (unveil(_PATH_BSHELL, "x") == -1) |
err(1, "unveil"); |
err(1, "unveil %s", _PATH_BSHELL); |
if (unveil(_PATH_SHELLS, "r") == -1) |
if (unveil(_PATH_SHELLS, "r") == -1) |
err(1, "unveil"); |
err(1, "unveil %s", _PATH_SHELLS); |
if (unveil(tempname, "rc") == -1) |
if (unveil(tempname, "rc") == -1) |
err(1, "unveil"); |
err(1, "unveil %s", tempname); |
if (pledge("stdio rpath wpath cpath id proc exec unveil", |
if (pledge("stdio rpath wpath cpath id proc exec unveil", |
NULL) == -1) |
NULL) == -1) |
err(1, "pledge"); |
err(1, "pledge"); |
|
|
|
|
if (op == NEWSH) { |
if (op == NEWSH) { |
if (unveil(_PATH_SHELLS, "r") == -1) |
if (unveil(_PATH_SHELLS, "r") == -1) |
err(1, "unveil"); |
err(1, "unveil %s", _PATH_SHELLS); |
if (pledge("stdio rpath wpath cpath id proc exec unveil", |
if (pledge("stdio rpath wpath cpath id proc exec unveil", |
NULL) == -1) |
NULL) == -1) |
err(1, "pledge"); |
err(1, "pledge"); |
|
|
sigprocmask(SIG_BLOCK, &fullset, NULL); |
sigprocmask(SIG_BLOCK, &fullset, NULL); |
|
|
if (unveil(_PATH_MASTERPASSWD_LOCK, "rwc") == -1) |
if (unveil(_PATH_MASTERPASSWD_LOCK, "rwc") == -1) |
err(1, "unveil"); |
err(1, "unveil %s", _PATH_MASTERPASSWD_LOCK); |
if (unveil(_PATH_MASTERPASSWD, "r") == -1) |
if (unveil(_PATH_MASTERPASSWD, "r") == -1) |
err(1, "unveil"); |
err(1, "unveil %s", _PATH_MASTERPASSWD); |
if (unveil(_PATH_PWD_MKDB, "x") == -1) |
if (unveil(_PATH_PWD_MKDB, "x") == -1) |
err(1, "unveil"); |
err(1, "unveil %s", _PATH_PWD_MKDB); |
if (pledge("stdio rpath wpath cpath proc exec", NULL) == -1) |
if (pledge("stdio rpath wpath cpath proc exec", NULL) == -1) |
err(1, "pledge"); |
err(1, "pledge"); |
|
|