mirrors/cosmopolitan
1
0
Fork 0
mirror of https://github.com/jart/cosmopolitan.git synced 2025-06-27 14:58:30 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Rewrite Linux pledge() code so it can be a payload

Browse source 
It's now possible to build our pledge() polyfill as a dynamic shared
object that can be injected into a glibc executable using LD_PRELOAD
This commit is contained in:
Justine Tunney 2022-08-08 11:41:08 -07:00
parent 7bd4179b9b
commit 0277d7d6e9
37 changed files with 1980 additions and 1600 deletions
Download patch file Download diff file Expand all files Collapse all files

3
tool/net/redbean.c
View file

@ -21,6 +21,7 @@
#include "libc/bits/safemacros.internal.h"
#include "libc/calls/calls.h"
#include "libc/calls/ioctl.h"
#include "libc/calls/pledge.h"
#include "libc/calls/struct/dirent.h"
#include "libc/calls/struct/flock.h"
#include "libc/calls/struct/iovec.h"
@ -6587,7 +6588,7 @@ static void UnveilRedbean(void) {
}
static int EnableSandbox(void) {
__pledge_mode = SECCOMP_RET_ERRNO | EPERM;
__pledge_mode = kPledgeModeErrno;
switch (sandboxed) {
case 0:
return 0;