author | Klemens Nanni | 2021-06-19 14:57:00 +0000 |
---|---|---|
committer | C. McEnroe | 2021-06-20 20:21:00 -0400 |
commit | 3a38e36717ff24a3c028c1c7cfe477d9fec95498 (patch) | |
tree | a22ab9715396e65e95c332de4e2c58814ad9ab4e | |
parent | e2bebca7dcfa0af3e3a39b819595cfad593a49d8 (diff) |
OpenBSD: Only unveil used directories
dataMkdir() already picked the appropriate directory, so make it return that directory; unveilData() can then go, as only that one directory needs unveiling.
-rw-r--r-- | chat.c | 15 | ||||
-rw-r--r-- | chat.h | 2 | ||||
-rw-r--r-- | xdg.c | 3 |
3 files changed, 6 insertions, 14 deletions
diff --git a/chat.c b/chat.c
index 8816068..479ec94 100644
--- a/chat.c
+++ b/chat.c
@@ -127,16 +127,6 @@ static void parseHash(char *str) {
 if (*str) hashBound = strtoul(&str[1], NULL, 0);
 }
 
-#ifdef __OpenBSD__
-static void unveilData(const char *name) {
- const char *dirs = NULL;
- for (const char *path; NULL != (path = dataPath(&dirs, name));) {
- int error = unveil(path, "wc");
- if (error && errno != ENOENT) err(EX_CANTCREAT, "%s", path);
- }
-}
-#endif
-
 static volatile sig_atomic_t signals[NSIG];
 static void signalHandler(int signal) {
 signals[signal] = 1;
@@ -287,8 +277,9 @@ int main(int argc, char *argv[]) {
 
 #ifdef __OpenBSD__
 if (self.restricted && logEnable) {
- dataMkdir("");
- unveilData("");
+ const char *logdir = dataMkdir("");
+ int error = unveil(logdir, "wc");
+ if (error) err(EX_OSERR, "unveil");
 }
 
 char promises[64] = "stdio tty";
diff --git a/chat.h b/chat.h
index c4499a8..74c4abf 100644
--- a/chat.h
+++ b/chat.h
@@ -403,7 +403,7 @@ const char *configPath(const char **dirs, const char *path);
 const char *dataPath(const char **dirs, const char *path);
 FILE *configOpen(const char *path, const char *mode);
 FILE *dataOpen(const char *path, const char *mode);
-void dataMkdir(const char *path);
+const char *dataMkdir(const char *path);
 
 int getopt_config(
 int argc, char *const *argv,
diff --git a/xdg.c b/xdg.c
index e4b252d..6afeb35 100644
--- a/xdg.c
+++ b/xdg.c
@@ -114,11 +114,12 @@ FILE *configOpen(const char *path, const char *mode) {
 return NULL;
 }
 
-void dataMkdir(const char *path) {
+const char *dataMkdir(const char *path) {
 const char *dirs = NULL;
 path = dataPath(&dirs, path);
 int error = mkdir(path, S_IRWXU);
 if (error && errno != EEXIST) err(EX_CANTCREAT, "%s", path);
+ return path;
 }
 
 FILE *dataOpen(const char *path, const char *mode) {
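Review bot: The new `err(EX_OSERR, "unveil")` in main no longer names the directory, whereas the removed unveilData() reported the path, so a failed unveil on the sandbox setup path is harder to diagnose; `if (error) err(EX_OSERR, "unveil: %s", logdir);` would keep that information. The check also stops tolerating ENOENT, which looks correct because dataMkdir() has just created the directory, but it relies on dataMkdir() returning exactly the path it passed to mkdir(). Since only one directory is now unveiled with "wc", it is worth confirming that the log-writing code (not visible in this diff) never falls back to another data directory, because such a write would now be refused. main's body starts and ends outside this hunk.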
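Review bot: The `const char *` now returned by dataMkdir() has no documented lifetime on the prototype in chat.h. In the xdg.c hunk it is the pointer obtained from dataPath(), whose definition is not part of this diff; if that points into storage dataPath() reuses, the result is only valid until the next configPath()/dataPath()/dataOpen()/dataMkdir() call. The one caller in chat.c passes it straight to unveil(), so this commit is fine, but a comment such as `// Returns the directory path; assume it is invalidated by the next xdg.c call.` above the prototype would stop a later caller from holding the pointer across calls. The same applies to the `return path;` line in the xdg.c hunk.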