Hi,
The following diff adds [1] OpenBSD pledge(2) support to ii. I've
committed [2] a similar patch to OpenBSD ports tree. but would be
great, if it gets merged upstream.
This restricts ii proccess abilities through pledge(2) system
call [1]. Futher details:
- removing network abilities:
pledge(2) is called in main() purposely after tcpopen(), it removes
the ii network abilities since that ii proccess at that point doesn't
need net operations, so it is turned to a restricted mode without
network capabilities.
- allowing required system calls:
The ii proccess requires some system calls such as (mkfifo(2)
mkdir(2) ...) to create directory structure and fifos on demand
(when joining a new channel for example). So it was allowed through
"rpath wpath cpath dpath" promises. "stdio" is required too, this
allows some basics system calls such as read(2) write(2)
I've been using it with no problems so far.
Full details about pledge(2) at [1]
[1]
http://man.openbsd.org/OpenBSD-current/man2/pledge.2
[2]
http://marc.info/?l=openbsd-ports-cvs&m=146521106930116&w=2
diff --git a/config.mk b/config.mk
index afc28d5..2cf103e 100644
--- a/config.mk
+++ b/config.mk
_AT_@ -25,3 +25,6 @@ LIBS = -L${LIBDIR} -L/usr/lib -lc
CC = cc
CFLAGS = -g -O0 -W -Wall ${INCLUDES} -DVERSION=\"${VERSION}\"
LDFLAGS = ${LIBS}
+
+# OpenBSD pledge(2) support
+# CFLAGS+= -DUSE_PLEDGE
diff --git a/ii.c b/ii.c
index 745e29a..3c6c3c7 100644
--- a/ii.c
+++ b/ii.c
_AT_@ -490,6 +490,14 @@ int main(int argc, char *argv[]) {
}
}
irc = tcpopen(port);
+
+ #ifdef USE_PLEDGE /* OpenBSD pledge(2) support */
+ if (pledge("stdio rpath wpath cpath dpath", NULL) == -1) {
+ fputs("ii: pledge\n", stderr);
+ exit(EXIT_FAILURE);
+ }
+ #endif
+
if(!snprintf(path, sizeof(path), "%s/%s", prefix, host)) {
fputs("ii: path to irc directory too long\n", stderr);
exit(EXIT_FAILURE);
Received on Fri Jun 17 2016 - 04:25:39 CEST