mirror of
https://github.com/jart/cosmopolitan.git
synced 2025-07-17 16:10:29 +00:00
Make improvements
- Introduce path module to redbean - Fix glitch with linenoise printing extra line on eof - Introduce closefrom() and close_range() system calls - Make file descriptor closing more secure in pledge.com
This commit is contained in:
parent
439ad21b12
commit
1837dc2e85
31 changed files with 806 additions and 75 deletions
|
@ -84,6 +84,7 @@ static const uint16_t kPledgeLinuxStdio[] = {
|
|||
__NR_linux_clock_getres, //
|
||||
__NR_linux_clock_gettime, //
|
||||
__NR_linux_clock_nanosleep, //
|
||||
__NR_linux_close_range, //
|
||||
__NR_linux_close, //
|
||||
__NR_linux_write, //
|
||||
__NR_linux_writev, //
|
||||
|
|
|
@ -296,6 +296,9 @@ static int sys_unveil_linux(const char *path, const char *permissions) {
|
|||
* possible to use opendir() and go fishing for paths which weren't
|
||||
* previously known.
|
||||
*
|
||||
* 5. Always specify at least one path. OpenBSD has unclear semantics
|
||||
* when `pledge(0,0)` is used without any previous calls.
|
||||
*
|
||||
* This system call is supported natively on OpenBSD and polyfilled on
|
||||
* Linux using the Landlock LSM[1].
|
||||
*
|
||||
|
@ -321,6 +324,7 @@ static int sys_unveil_linux(const char *path, const char *permissions) {
|
|||
* @raise EINVAL if one argument is set and the other is not
|
||||
* @raise EINVAL if an invalid character in `permissions` was found
|
||||
* @raise EPERM if unveil() is called after locking
|
||||
* @note on Linux this function requires Linux Kernel 5.13+
|
||||
* @see [1] https://docs.kernel.org/userspace-api/landlock.html
|
||||
*/
|
||||
int unveil(const char *path, const char *permissions) {
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue