pledge twitch-go (WIP) - twitch-go - twitch.tv web application in Go
(HTM) git clone git://git.codemadness.org/twitch-go
(DIR) Log
(DIR) Files
(DIR) Refs
(DIR) README
(DIR) LICENSE
---
(DIR) commit 66916f8ad4616aa0d3f1a259ccc01e156ab2246e
(DIR) parent 3fdbc7ac62c19ffaa21116b92f964d288a09dafe
(HTM) Author: Hiltjo Posthuma <hiltjo@codemadness.org>
Date: Sun, 12 Jun 2016 16:23:29 +0200
pledge twitch-go (WIP)
Diffstat:
M main.go | 11 +++++++++++
A openbsd_pledge.go | 34 +++++++++++++++++++++++++++++++
2 files changed, 45 insertions(+), 0 deletions(-)
---
(DIR) diff --git a/main.go b/main.go
@@ -147,6 +147,17 @@ func main() {
flag.StringVar(&config_addrtype, "t", "tcp4", `listen type: "tcp", "tcp4", "tcp6", "unix" or "unixpacket"`)
flag.Parse()
+ pledgestr := "stdio rpath dns"
+ if config_addrtype == "unix" {
+ pledgestr += " unix"
+ } else {
+ pledgestr += " inet"
+ }
+
+ if err := Pledge(pledgestr, nil); err != nil {
+ log.Fatalln(err)
+ }
+
// Remove previous UDS if it exists.
if config_addrtype == "unix" {
os.Remove(config_addr)
(DIR) diff --git a/openbsd_pledge.go b/openbsd_pledge.go
@@ -0,0 +1,34 @@
+// +build openbsd
+// +build 386 amd64 arm
+
+package main
+
+import (
+ "syscall"
+ "unsafe"
+)
+
+const (
+ SYS_PLEDGE = 108
+)
+
+// Pledge implements its respective syscall. For more information see pledge(2).
+func Pledge(promises string, paths []string) (err error) {
+ promisesPtr, err := syscall.BytePtrFromString(promises)
+ if err != nil {
+ return
+ }
+ promisesUnsafe, pathsUnsafe := unsafe.Pointer(promisesPtr), unsafe.Pointer(nil)
+ if paths != nil {
+ var pathsPtr []*byte
+ if pathsPtr, err = syscall.SlicePtrFromStrings(paths); err != nil {
+ return
+ }
+ pathsUnsafe = unsafe.Pointer(&pathsPtr[0])
+ }
+ _, _, e := syscall.Syscall(SYS_PLEDGE, uintptr(promisesUnsafe), uintptr(pathsUnsafe), 0)
+ if e != 0 {
+ err = e
+ }
+ return err
+}