From 95bb627ffbb5fcbf9462b5957d0cb25072d8c64e Mon Sep 17 00:00:00 2001 From: C. McEnroe Date: Sat, 23 Jan 2021 00:03:58 -0500 Subject: Separate kiosk mode from restrict mode Restrict mode will focus on sandboxing, while kiosk will continue to restrict IRC access through a public kiosk. Kiosk mode without restrict mode allows execution of man 1 catgirl with /help, assuming external sandboxing. The /list and /part commands are also added to the list of disabled commands in kiosk mode, since they are pointless without access to /join. --- catgirl.1 | 39 +++++++++++++++++++++++++++++---------- 1 file changed, 29 insertions(+), 10 deletions(-) (limited to 'catgirl.1') diff --git a/catgirl.1 b/catgirl.1 index b632317..f0dddfe 100644 --- a/catgirl.1 +++ b/catgirl.1 @@ -1,4 +1,4 @@ -.Dd January 16, 2021 +.Dd January 22, 2021 .Dt CATGIRL 1 .Os . @@ -8,7 +8,7 @@ . .Sh SYNOPSIS .Nm -.Op Fl Relv +.Op Fl KRelv .Op Fl C Ar copy .Op Fl H Ar hash .Op Fl I Ar highlight @@ -123,6 +123,20 @@ The commands which can be filtered are: .Sy QUIT , .Sy SETNAME . . +.It Fl K , Cm kiosk +Disable the +.Ic /copy , +.Ic /debug , +.Ic /exec , +.Ic /join , +.Ic /list , +.Ic /msg , +.Ic /open , +.Ic /part , +.Ic /query , +.Ic /quote +commands. +. .It Fl N Ar util , Cm notify = Ar util Send notifications using a utility. Use more than once to add arguments to @@ -145,14 +159,19 @@ The default is the first available of .It Fl R , Cm restrict Disable the .Ic /copy , -.Ic /debug , -.Ic /exec , -.Ic /join , -.Ic /msg , -.Ic /open , -.Ic /query , -.Ic /quote -commands. +.Ic /exec +and +.Ic /open +commands, +as well as viewing this manual with +.Ic /help . +On +.Ox , +restrict system operations +and filesystem access with +.Xr pledge 2 +and +.Xr unveil 2 . . .It Fl S Ar host , Cm bind = Ar host Bind to source address -- cgit 1.4.1-2-gfad0