tAdd unveil() support on OpenBSD - safe - password protected secret keeper
HTML git clone git://git.z3bra.org/safe.git
DIR Log
DIR Files
DIR Refs
DIR README
DIR LICENSE
---
DIR commit 6425e260efef9e9f80c24d3d5116d2dc05837330
DIR parent c2750950f47475b591b2e70c6079310f7b2f6e0c
HTML Author: Willy Goiffon <dev@z3bra.org>
Date: Fri, 19 Aug 2022 19:07:29 +0200
Add unveil() support on OpenBSD
Diffstat:
M safe.c | 7 +++++++
1 file changed, 7 insertions(+), 0 deletions(-)
---
DIR diff --git a/safe.c b/safe.c
t@@ -426,6 +426,13 @@ main(int argc, char *argv[])
if (!safe)
safe = safe_dir;
+#ifdef __OpenBSD__
+ unveil(safe, "rwc");
+ unveil(_PATH_TTY, "rw"); // needed for reading passwords
+ if (sockp)
+ unveil(sockp, "rw");
+#endif
+
mkdir(safe, 0700);
if (chdir(safe) < 0)
err(1, "chdir: %s", safe);