mirrors/cosmopolitan
1
0
Fork 0
mirror of https://github.com/jart/cosmopolitan.git synced 2025-05-24 14:22:28 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Do some work on redbean

Browse source 
- Rewrite Slurp() API to be like string.sub()
- Introduce a new Barf() API for creating files
- Update Redbean `-S` sandbox flag to do unveiling
This commit is contained in:
Justine Tunney 2022-07-22 20:44:24 -07:00
parent 742251dd92
commit 48ce3ad7cc
9 changed files with 296 additions and 33 deletions
Download patch file Download diff file Expand all files Collapse all files

12
tool/net/redbean.c
View file

@ -5126,6 +5126,7 @@ static const char *const kDontAutoComplete[] = {
// </SORTED>
static const luaL_Reg kLuaFuncs[] = {
{"Barf", LuaBarf}, //
{"Benchmark", LuaBenchmark}, //
{"Bsf", LuaBsf}, //
{"Bsr", LuaBsr}, //
@ -6543,18 +6544,29 @@ static int ExitWorker(void) {
_Exit(0);
}
static void UnveilRedbean(void) {
size_t i;
for (i = 0; i < stagedirs.n; ++i) {
unveil(stagedirs.p[i].s, "r");
}
unveil(0, 0);
}
static int EnableSandbox(void) {
switch (sandboxed) {
case 0:
return 0;
case 1: // -S
DEBUGF("(stat) applying '%s' sandbox policy", "online");
UnveilRedbean();
return pledge("stdio rpath inet dns", 0);
case 2: // -SS
DEBUGF("(stat) applying '%s' sandbox policy", "offline");
UnveilRedbean();
return pledge("stdio rpath", 0);
default: // -SSS
DEBUGF("(stat) applying '%s' sandbox policy", "contained");
UnveilRedbean();
return pledge("stdio", 0);
}
}