mirrors/cosmopolitan
1
0
Fork 0
mirror of https://github.com/jart/cosmopolitan.git synced 2025-07-06 11:18:30 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Remove old code from Landlock Make

Browse source
This commit is contained in:
Justine Tunney 2022-11-02 00:55:05 -07:00
parent e9735a7738
commit bd6069deb5
No known key found for this signature in database
GPG key ID: BE714B4575D6E328
1 changed files with 25 additions and 67 deletions
Download patch file Download diff file Expand all files Collapse all files

42
third_party/make/job.c vendored
View file

@ -2160,30 +2160,6 @@ child_execute_job (struct childbase *child,
{ {
errno = 0; errno = 0;
if (sandboxed) if (sandboxed)
{
if (!strict && argv[0][0] == '/' && IsDynamicExecutable (argv[0]))
{
/*
* weaken sandbox if user is using dynamic shared lolbjects
*/
RETURN_ON_ERROR (Unveil ("/bin", "rx"));
RETURN_ON_ERROR (Unveil ("/lib", "rx"));
RETURN_ON_ERROR (Unveil ("/lib64", "rx"));
RETURN_ON_ERROR (Unveil ("/usr/bin", "rx"));
RETURN_ON_ERROR (Unveil ("/usr/lib", "rx"));
RETURN_ON_ERROR (Unveil ("/usr/lib64", "rx"));
RETURN_ON_ERROR (Unveil ("/usr/local/lib", "rx"));
RETURN_ON_ERROR (Unveil ("/usr/local/lib64", "rx"));
RETURN_ON_ERROR (Unveil ("/etc/ld-musl-x86_64.path", "r"));
RETURN_ON_ERROR (Unveil ("/etc/ld.so.conf", "r"));
RETURN_ON_ERROR (Unveil ("/etc/ld.so.cache", "r"));
RETURN_ON_ERROR (Unveil ("/etc/ld.so.conf.d", "r"));
RETURN_ON_ERROR (Unveil ("/etc/ld.so.preload", "r"));
RETURN_ON_ERROR (Unveil ("/usr/include", "r"));
RETURN_ON_ERROR (Unveil ("/usr/share/locale", "r"));
RETURN_ON_ERROR (Unveil ("/usr/share/locale-langpack", "r"));
}
else
{ {
/* /*
* permit launching actually portable executables * permit launching actually portable executables
@ -2214,7 +2190,6 @@ child_execute_job (struct childbase *child,
free (t); free (t);
} }
} }
}
/* Unveil executable. */ /* Unveil executable. */
RETURN_ON_ERROR (Unveil (argv[0], "rx")); RETURN_ON_ERROR (Unveil (argv[0], "rx"));
@ -2223,23 +2198,6 @@ child_execute_job (struct childbase *child,
if (c->tmpdir) if (c->tmpdir)
RETURN_ON_ERROR (Unveil (c->tmpdir, "rwcx")); RETURN_ON_ERROR (Unveil (c->tmpdir, "rwcx"));
/* Unveil lazy mode files. */
if (!strict)
{
RETURN_ON_ERROR (Unveil ("/tmp", "rwc"));
RETURN_ON_ERROR (Unveil ("/dev/zero", "r"));
RETURN_ON_ERROR (Unveil ("/dev/null", "rw"));
RETURN_ON_ERROR (Unveil ("/dev/full", "rw"));
RETURN_ON_ERROR (Unveil ("/dev/stdin", "rw"));
RETURN_ON_ERROR (Unveil ("/dev/stdout", "rw"));
RETURN_ON_ERROR (Unveil ("/dev/stderr", "rw"));
RETURN_ON_ERROR (Unveil ("/etc/hosts", "r"));
}
/* Unveil .PLEDGE = tmppath. */
if (!strict && promises && (~ipromises & (1ul << PROMISE_TMPPATH)))
RETURN_ON_ERROR (Unveil ("/tmp", "rwc"));
/* Unveil .PLEDGE = vminfo. */ /* Unveil .PLEDGE = vminfo. */
if (promises && (~ipromises & (1ul << PROMISE_VMINFO))) if (promises && (~ipromises & (1ul << PROMISE_VMINFO)))
{ {