Use LD_PRELOAD to inject pledge() in glibc progs

We're now able to drop both `exec` and `prot_exec` privileges
automatically when launching glibc dynamic executables. We also have
really outstanding standard error logging now, that explains which
promises are needed, even in cases where `exec` is used.
Justine Tunney 2022-08-08 21:23:37 -07:00
parent 0277d7d6e9
commit 6b3d257588
5 changed files with 286 additions and 178 deletions


@ -86,7 +86,7 @@ TEST(pledge, testKillProcessMode) {
TEST(pledge, testLogMessage_inSoftyMode) {
if (IsOpenbsd()) return;
int fds[2];
char msg[64] = {0};
char msg[256] = {0};
ASSERT_SYS(0, 0, pipe(fds));
SPAWN(fork);
__pledge_mode = kPledgeModeErrno;
@ -98,13 +98,13 @@ TEST(pledge, testLogMessage_inSoftyMode) {
read(fds[0], msg, sizeof(msg));
close(fds[0]);
if (IsLinux()) {
ASSERT_STARTSWITH("error: has not pledged inet", msg);
ASSERT_STARTSWITH("error: maybe pledge inet", msg);
}
}
TEST(pledge, testLogMessage_onKillProcess) {
int fds[2];
char msg[64] = {0};
char msg[256] = {0};
ASSERT_SYS(0, 0, pipe(fds));
SPAWN(fork);
__pledge_mode = kPledgeModeKillThread;
@ -116,13 +116,13 @@ TEST(pledge, testLogMessage_onKillProcess) {
read(fds[0], msg, sizeof(msg));
close(fds[0]);
if (IsLinux()) {
ASSERT_STARTSWITH("error: has not pledged inet", msg);
ASSERT_STARTSWITH("error: maybe pledge inet", msg);
}
}
TEST(pledge, testNoLogOrAbrtsignoPossibleSadly_becausePledgedExec) {
int fds[2];
char msg[64] = {0};
char msg[256] = {0};
ASSERT_SYS(0, 0, pipe(fds));
SPAWN(fork);
ASSERT_SYS(0, 2, dup2(fds[1], 2));
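Review bot: The `read(fds[0], msg, sizeof(msg));` calls in testLogMessage_inSoftyMode and testLogMessage_onKillProcess can fill the whole buffer, so the `= {0}` initializer no longer guarantees a terminator when `ASSERT_STARTSWITH` (presumably) treats `msg` as a C string. Assuming the `char msg[256]` lines are the new side and the buffer grew because the logged line got longer, reading one byte less keeps it terminated: `read(fds[0], msg, sizeof(msg) - 1);`. The return value of `read` is also ignored, so a failed or empty read surfaces only as a prefix mismatch; asserting that it is positive would make that case explicit. The literal 256 is repeated in all three tests and a shared named constant would keep them in sync. The body of testNoLogOrAbrtsignoPossibleSadly_becausePledgedExec continues past the visible lines, so its read is not covered here.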