mirrors/cosmopolitan
1
0
Fork 0
mirror of https://github.com/jart/cosmopolitan.git synced 2025-07-10 05:02:06 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Improve upon the new pledge command

Browse source
This commit is contained in:
Justine Tunney 2022-07-14 04:32:33 -07:00
parent b707fca77a
commit 1d744ea11b
13 changed files with 382 additions and 64 deletions
Download patch file Download diff file Expand all files Collapse all files

6
libc/mem/pledge.c
View file

@ -59,11 +59,11 @@ struct Filter {
};
static const uint16_t kPledgeLinuxDefault[] = {
__NR_linux_exit, //
__NR_linux_exit_group, //
__NR_linux_exit, //
};
static const uint16_t kPledgeLinuxStdio[] = {
__NR_linux_exit_group, //
__NR_linux_clock_getres, //
__NR_linux_clock_gettime, //
__NR_linux_clock_nanosleep, //
@ -1132,7 +1132,7 @@ static int sys_pledge_linux(const char *promises, const char *execpromises) {
* `promises` is a string that may include any of the following groups
* delimited by spaces.
*
* - "stdio" allows close, dup, dup2, dup3, fchdir, fstat, fsync,
* - "stdio" allows exit, close, dup, dup2, dup3, fchdir, fstat, fsync,
* fdatasync, ftruncate, getdents, getegid, getrandom, geteuid,
* getgid, getgroups, getitimer, getpgid, getpgrp, getpid, getppid,
* getresgid, getresuid, getrlimit, getsid, wait4, gettimeofday,