cosmopolitan

mirrors/cosmopolitan

Fork 0

mirror of https://github.com/jart/cosmopolitan.git synced 2025-02-07 15:03:34 +00:00

Commit graph

Author	SHA1	Message	Date
Justine Tunney	625aa365f1	Refactor pledge() to be more configurable The earlier iterations did too much guesswork when it came to things like stderr logging and syscall origin verification. This change will make things more conformant to existing practices. The __pledge_mode extension now can be configured in a better way. There's also a new `-q` flag added to pledge.com, e.g. o//tool/build/pledge.com -qv. ls Is a good way to disable warnings about `tty` access attempts.	2022-08-11 11:35:30 -07:00
Justine Tunney	6b3d257588	Use LD_PRELOAD to inject pledge() in glibc progs We're now able to drop both `exec` and `prot_exec` privileges automatically when launching glibc dynamic executables. We also have really outstanding standard error logging now, that explains which promises are needed, even in cases where `exec` is used.	2022-08-08 21:27:02 -07:00

Author

SHA1

Message

Date

Justine Tunney

625aa365f1

Refactor pledge() to be more configurable

The earlier iterations did too much guesswork when it came to things
like stderr logging and syscall origin verification. This change will
make things more conformant to existing practices. The __pledge_mode
extension now can be configured in a better way.

There's also a new `-q` flag added to pledge.com, e.g.

    o//tool/build/pledge.com -qv. ls

Is a good way to disable warnings about `tty` access attempts.

2022-08-11 11:35:30 -07:00

Justine Tunney

6b3d257588

Use LD_PRELOAD to inject pledge() in glibc progs

We're now able to drop both `exec` and `prot_exec` privileges
automatically when launching glibc dynamic executables. We also have
really outstanding standard error logging now, that explains which
promises are needed, even in cases where `exec` is used.

2022-08-08 21:27:02 -07:00

2 commits