mirror of
https://github.com/jart/cosmopolitan.git
synced 2025-05-23 13:52:28 +00:00
Improve pledge() usability and consistency
- We now kill the program on violations like OpenBSD
- We now print a message explaining which promise is needed
- This change also fixes a linkage bug with thread local storage
- Your sigaction() handlers should now be more thread safe
A new `__pledge_mode` global has been introduced to make pledge() more
customizable on Linux. For example:
__attribute__((__constructor__)) static void init(void) {
__pledge_mode = SECCOMP_RET_ERRNO | EPERM;
}
Can be used to restore our old permissive pledge() behavior.
This commit is contained in:
Justine Tunney
parent
13c1c45075
commit
5546559034
30 changed files with 713 additions and 86 deletions
1
third_party/lua/lunix.c
vendored
1
third_party/lua/lunix.c
vendored
|
|
@ -1381,6 +1381,7 @@ static int LuaUnixSiocgifconf(lua_State *L) {
|
|||
// └─→ nil, unix.Errno
|
||||
static int LuaUnixPledge(lua_State *L) {
|
||||
int olderr = errno;
|
||||
__pledge_mode = 0;
|
||||
return SysretBool(L, "pledge", olderr,
|
||||
pledge(luaL_checkstring(L, 1), luaL_optstring(L, 2, 0)));
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue