tAdd unveil() support on OpenBSD - safe - password protected secret keeper
(HTM) git clone git://git.z3bra.org/safe.git
(DIR) Log
(DIR) Files
(DIR) Refs
(DIR) README
(DIR) LICENSE
---
(DIR) commit 6425e260efef9e9f80c24d3d5116d2dc05837330
(DIR) parent c2750950f47475b591b2e70c6079310f7b2f6e0c
(HTM) Author: Willy Goiffon <dev@z3bra.org>
Date: Fri, 19 Aug 2022 19:07:29 +0200
Add unveil() support on OpenBSD
Diffstat:
M safe.c | 7 +++++++
1 file changed, 7 insertions(+), 0 deletions(-)
---
(DIR) diff --git a/safe.c b/safe.c
t@@ -426,6 +426,13 @@ main(int argc, char *argv[])
if (!safe)
safe = safe_dir;
+#ifdef __OpenBSD__
+ unveil(safe, "rwc");
+ unveil(_PATH_TTY, "rw"); // needed for reading passwords
+ if (sockp)
+ unveil(sockp, "rw");
+#endif
+
mkdir(safe, 0700);
if (chdir(safe) < 0)
err(1, "chdir: %s", safe);