Browse Source

pledge()'s 2nd argument becomes char *execpromises, which becomes the

pledge for a new execve image immediately upon start.  Also introduces
"error" which makes violations return -1 ENOSYS instead of killing the
program ("error" may not be handed to a setuid/setgid program, which
may be missing/ignoring syscall return values and would continue with
inconsistant state)
Discussion with many
florian has used this to improve the strictness of a daemon
OPENBSD_6_3
deraadt 7 years ago
parent
commit
3329807a0b
1 changed files with 2 additions and 2 deletions
  1. +2
    -2
      src/include/unistd.h

+ 2
- 2
src/include/unistd.h View File

@ -1,4 +1,4 @@
/* $OpenBSD: unistd.h,v 1.104 2017/03/09 10:13:03 fcambus Exp $ */
/* $OpenBSD: unistd.h,v 1.105 2017/12/12 01:12:34 deraadt Exp $ */
/* $NetBSD: unistd.h,v 1.26.4.1 1996/05/28 02:31:51 mrg Exp $ */
/*-
@ -522,7 +522,7 @@ int strtofflags(char **, u_int32_t *, u_int32_t *);
int swapctl(int cmd, const void *arg, int misc);
int syscall(int, ...);
int getentropy(void *, size_t);
int pledge(const char *, const char **);
int pledge(const char *, const char *);
pid_t __tfork_thread(const struct __tfork *, size_t, void (*)(void *),
void *);
#endif /* __BSD_VISIBLE */


Loading…
Cancel
Save