Improve pledge() and unveil()

The pledge.com command now supports the new [WIP] unveil() support. For example, to strongly sandbox our command for listing directories. o//tool/build/assimilate.com o//examples/ls.com pledge.com -v /etc -p 'stdio rpath' o//examples/ls.com /etc This file system sandboxing is going to be perfect for us, because APE binaries are self-contained static executables that really don't use the filesystem that much. On the other hand, with non-static executables, sandboxing is going to be more difficult. For example, here's how to sandbox the `ls` command on the latest Alpine: pledge.com -v rx:/lib -v /usr/lib -v /etc -p 'stdio rpath exec' ls /etc This change fixes the `execpromises` API with pledge(). This change also adds unix.unveil() to redbean. Fixes #494
2025-07-09 04:38:29 +00:00 · 2022-07-18 07:23:15 -07:00 · 2022-07-18 07:23:15 -07:00 · e81edf7b04
commit e81edf7b04
parent b1d9d11be1
19 changed files with 535 additions and 150 deletions
--- a/test/libc/mem/test.mk
+++ b/test/libc/mem/test.mk
@ -61,34 +61,64 @@ o/$(MODE)/test/libc/mem/%.com.dbg:				\
 		$(TEST_LIBC_MEM_DEPS)				\
 		o/$(MODE)/test/libc/mem/%.o			\
 		o/$(MODE)/test/libc/mem/mem.pkg			\
-		o/$(MODE)/test/libc/mem/life.elf.zip.o		\
+		o/$(MODE)/test/libc/mem/prog/life.elf.zip.o	\
+		o/$(MODE)/test/libc/mem/prog/sock.elf.zip.o	\
 		$(LIBC_TESTMAIN)				\
 		$(CRT)						\
 		$(APE_NO_MODIFY_SELF)
 	@$(APELINK)

-o/$(MODE)/test/libc/mem/life.com.dbg:				\
+################################################################################
+
+o/$(MODE)/test/libc/mem/prog/life.com.dbg:			\
 		$(LIBC_RUNTIME)					\
-		o/$(MODE)/test/libc/mem/life.o			\
+		o/$(MODE)/test/libc/mem/prog/life.o		\
 		$(CRT)						\
 		$(APE)
 	@$(APELINK)

-o/$(MODE)/test/libc/mem/life.elf:				\
+o/$(MODE)/test/libc/mem/prog/life.elf:				\
 		o/$(MODE)/tool/build/assimilate.com		\
-		o/$(MODE)/test/libc/mem/life.com
+		o/$(MODE)/test/libc/mem/prog/life.com
 	@$(COMPILE) -ACP -T$@					\
 		build/bootstrap/cp.com				\
-		o/$(MODE)/test/libc/mem/life.com		\
-		o/$(MODE)/test/libc/mem/life.elf
+		o/$(MODE)/test/libc/mem/prog/life.com		\
+		o/$(MODE)/test/libc/mem/prog/life.elf
 	@$(COMPILE) -AASSIMILATE -T$@				\
 		o/$(MODE)/tool/build/assimilate.com		\
-		o/$(MODE)/test/libc/mem/life.elf
+		o/$(MODE)/test/libc/mem/prog/life.elf

-o/$(MODE)/test/libc/mem/life.elf.zip.o:				\
+o/$(MODE)/test/libc/mem/prog/life.elf.zip.o:			\
 		ZIPOBJ_FLAGS +=					\
 			-B

+################################################################################
+
+o/$(MODE)/test/libc/mem/prog/sock.com.dbg:			\
+		$(LIBC_RUNTIME)					\
+		$(LIBC_SOCK)					\
+		o/$(MODE)/test/libc/mem/prog/sock.o		\
+		$(CRT)						\
+		$(APE)
+	@$(APELINK)
+
+o/$(MODE)/test/libc/mem/prog/sock.elf:				\
+		o/$(MODE)/tool/build/assimilate.com		\
+		o/$(MODE)/test/libc/mem/prog/sock.com
+	@$(COMPILE) -ACP -T$@					\
+		build/bootstrap/cp.com				\
+		o/$(MODE)/test/libc/mem/prog/sock.com		\
+		o/$(MODE)/test/libc/mem/prog/sock.elf
+	@$(COMPILE) -AASSIMILATE -T$@				\
+		o/$(MODE)/tool/build/assimilate.com		\
+		o/$(MODE)/test/libc/mem/prog/sock.elf
+
+o/$(MODE)/test/libc/mem/prog/sock.elf.zip.o:			\
+		ZIPOBJ_FLAGS +=					\
+			-B
+
+################################################################################
+
 $(TEST_LIBC_MEM_OBJS):						\
 		DEFAULT_CCFLAGS +=				\
 			-fno-builtin