mirror of
https://github.com/jart/cosmopolitan.git
synced 2025-07-14 06:59:10 +00:00
Improve pledge() usability and consistency
- We now kill the program on violations like OpenBSD
- We now print a message explaining which promise is needed
- This change also fixes a linkage bug with thread local storage
- Your sigaction() handlers should now be more thread safe

A new `__pledge_mode` global has been introduced to make pledge() more customizable on Linux. For example:

    __attribute__((__constructor__)) static void init(void) {
      __pledge_mode = SECCOMP_RET_ERRNO | EPERM;
    }

Can be used to restore our old permissive pledge() behavior.
parent
13c1c45075
commit
5546559034
30 changed files with 713 additions and 86 deletions
|
@ -25,6 +25,7 @@
|
|||
#include "libc/calls/struct/flock.h"
|
||||
#include "libc/calls/struct/iovec.h"
|
||||
#include "libc/calls/struct/rusage.h"
|
||||
#include "libc/calls/struct/seccomp.h"
|
||||
#include "libc/calls/struct/sigaction.h"
|
||||
#include "libc/calls/struct/stat.h"
|
||||
#include "libc/calls/struct/termios.h"
|
||||
|
@ -32,6 +33,7 @@
|
|||
#include "libc/dns/dns.h"
|
||||
#include "libc/dns/hoststxt.h"
|
||||
#include "libc/dos.h"
|
||||
#include "libc/errno.h"
|
||||
#include "libc/fmt/conv.h"
|
||||
#include "libc/fmt/itoa.h"
|
||||
#include "libc/intrin/kprintf.h"
|
||||
|
@ -6585,17 +6587,18 @@ static void UnveilRedbean(void) {
|
|||
}
|
||||
|
||||
static int EnableSandbox(void) {
|
||||
__pledge_mode = SECCOMP_RET_ERRNO | EPERM;
|
||||
switch (sandboxed) {
|
||||
case 0:
|
||||
return 0;
|
||||
case 1: // -S
|
||||
DEBUGF("(stat) applying '%s' sandbox policy", "online");
|
||||
UnveilRedbean();
|
||||
return pledge("stdio rpath inet dns", 0);
|
||||
return pledge("stdio rpath inet dns id", 0);
|
||||
case 2: // -SS
|
||||
DEBUGF("(stat) applying '%s' sandbox policy", "offline");
|
||||
UnveilRedbean();
|
||||
return pledge("stdio rpath", 0);
|
||||
return pledge("stdio rpath id", 0);
|
||||
default: // -SSS
|
||||
DEBUGF("(stat) applying '%s' sandbox policy", "contained");
|
||||
UnveilRedbean();
|
||||
|
|
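Review bot: Both sandbox policies in EnableSandbox() gain the `id` promise (`"stdio rpath inet dns id"` and `"stdio rpath id"`) with no comment saying which call needs it, and `id` is the promise that covers the setuid/setgid family, so the -S and -SS sandboxes are now wider than before. If it is only needed for a privilege drop performed after pledge(), which is not visible in this hunk, a comment such as `// "id" is needed for <call> after sandboxing` would record that, and the promise could be granted only when that drop is actually requested. The new first line `__pledge_mode = SECCOMP_RET_ERRNO | EPERM;` also opts redbean out of the kill-and-report default that this commit introduces, so a violation returns EPERM with no message; a one-line comment explaining why would help, since operators lose that signal. The function body continues past the end of the hunk.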