diff options
| author | Klemens Nanni | 2021-06-19 14:57:00 +0000 |
|---|---|---|
| committer | C. McEnroe | 2021-06-20 20:21:00 -0400 |
| commit | 3a38e36717ff24a3c028c1c7cfe477d9fec95498 (patch) | |
| tree | a22ab9715396e65e95c332de4e2c58814ad9ab4e | |
| parent | e2bebca7dcfa0af3e3a39b819595cfad593a49d8 (diff) | |
OpenBSD: Only unveil used directories
dataMkdir() already picked the appropiate directory so make it
return that such that unveilData() can go as only that one directory
needs unveiling.
| -rw-r--r-- | chat.c | 15 | ||||
| -rw-r--r-- | chat.h | 2 | ||||
| -rw-r--r-- | xdg.c | 3 |
3 files changed, 6 insertions, 14 deletions
@@ -127,16 +127,6 @@ static void parseHash(char *str) { if (*str) hashBound = strtoul(&str[1], NULL, 0); } -#ifdef __OpenBSD__ -static void unveilData(const char *name) { - const char *dirs = NULL; - for (const char *path; NULL != (path = dataPath(&dirs, name));) { - int error = unveil(path, "wc"); - if (error && errno != ENOENT) err(EX_CANTCREAT, "%s", path); - } -} -#endif - static volatile sig_atomic_t signals[NSIG]; static void signalHandler(int signal) { signals[signal] = 1; @@ -287,8 +277,9 @@ int main(int argc, char *argv[]) { #ifdef __OpenBSD__ if (self.restricted && logEnable) { - dataMkdir(""); - unveilData(""); + const char *logdir = dataMkdir(""); + int error = unveil(logdir, "wc"); + if (error) err(EX_OSERR, "unveil"); } char promises[64] = "stdio tty"; @@ -403,7 +403,7 @@ const char *configPath(const char **dirs, const char *path); const char *dataPath(const char **dirs, const char *path); FILE *configOpen(const char *path, const char *mode); FILE *dataOpen(const char *path, const char *mode); -void dataMkdir(const char *path); +const char *dataMkdir(const char *path); int getopt_config( int argc, char *const *argv, @@ -114,11 +114,12 @@ FILE *configOpen(const char *path, const char *mode) { return NULL; } -void dataMkdir(const char *path) { +const char *dataMkdir(const char *path) { const char *dirs = NULL; path = dataPath(&dirs, path); int error = mkdir(path, S_IRWXU); if (error && errno != EEXIST) err(EX_CANTCREAT, "%s", path); + return path; } FILE *dataOpen(const char *path, const char *mode) { |