unveil() and pledge() safe-agent - safe - password protected secret keeper
---
(DIR) commit efb4beb219890a5796415c790604a282d6b37399
(DIR) parent 628d4291e5d7aff1034d71d33de9e877aaa56027
(HTM) Author: Willy Goiffon <dev@z3bra.org>
Date: Sun, 21 Aug 2022 17:35:42 +0200
unveil() and pledge() safe-agent
Diffstat:
M safe-agent.c | 23 +++++++++++++++++------
1 file changed, 17 insertions(+), 6 deletions(-)
---
(DIR) diff --git a/safe-agent.c b/safe-agent.c
t@@ -245,6 +245,16 @@ main(int argc, char *argv[])
usage();
} ARGEND
+ sodium_mlock(&s, sizeof(s));
+
+#ifndef _DEBUG
+ /* deny core dump as memory contains derivated key */
+ struct rlimit rlim;
+ rlim.rlim_cur = rlim.rlim_max = 0;
+ if (setrlimit(RLIMIT_CORE, &rlim) < 0)
+ err(1, "setrlimit RLIMIT_CORE");
+#endif
+
if (sockp) {
strlcpy(path, sockp, sizeof(path));
} else {
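Review bot: The return value of `sodium_mlock(&s, sizeof(s))` on the first added line is ignored, so a failed lock (for instance when the locked-memory limit is exhausted) leaves the derived key in `s` eligible for swapping while the rest of the hardening proceeds as if it were pinned. The setrlimit call a few lines below already fails hard with err(), so the same style fits here: `if (sodium_mlock(&s, sizeof(s)) < 0) err(1, "sodium_mlock");` (errx if errno turns out not to be meaningful on that path). If best-effort locking is the intent, a one-line comment saying so would stop the next reader from adding the check. Moving the RLIMIT_CORE limit ahead of the socket-path setup is a sensible tightening; the enclosing main() starts and ends outside this hunk, so the declaration of `s` and its earlier use are not visible here.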
t@@ -256,12 +266,13 @@ main(int argc, char *argv[])
sockp = path;
}
-#ifndef _DEBUG
- /* deny core dump as memory contains derivated key */
- struct rlimit rlim;
- rlim.rlim_cur = rlim.rlim_max = 0;
- if (setrlimit(RLIMIT_CORE, &rlim) < 0)
- err(1, "setrlimit RLIMIT_CORE");
+#ifdef __OpenBSD__
+ if (unveil(_PATH_DEVNULL, "rw") == -1)
+ err(1, "unveil %s", _PATH_DEVNULL);
+ if (unveil(sockp, "c") == -1)
+ err(1, "unveil %s", sockp);
+ if (pledge("stdio unix proc cpath", NULL) == -1)
+ err(1, "pledge");
#endif
if (dflag) {