Refactor pledge() to be more configurable

The earlier iterations did too much guesswork when it came to things
like stderr logging and syscall origin verification. This change will
make things more conformant to existing practices. The __pledge_mode
extension now can be configured in a better way.

There's also a new `-q` flag added to pledge.com, e.g.

    o//tool/build/pledge.com -qv. ls

Is a good way to disable warnings about `tty` access attempts.
This commit is contained in:
Justine Tunney 2022-08-11 11:27:25 -07:00
parent 6b8b58fdf5
commit 625aa365f1
36 changed files with 203 additions and 168 deletions

View file

@ -19,7 +19,7 @@
-- 5869). As with RFC 4634, code to perform SHA-based Hashed Message
-- Authentication Codes (HMACs) is also included.
unix.pledge('stdio')
assert(unix.pledge('stdio'))
-- SHA-1
assert(Sha1(nil) == nil)