security.c (1539B)
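#include "security.h"

#include <err.h>
#include <stddef.h>

/*
 * OpenBSD provides unveil(2) and pledge(2). On every other platform they are
 * replaced by no-op stubs that always report success, so a non-OpenBSD build
 * of this file applies NO restriction at all: callers must not treat these
 * functions as an isolation boundary there.
 */
#ifdef __OpenBSD__
#include <unistd.h>
#else
static int unveil(const char* path, const char* permissions) {
  (void)path;
  (void)permissions;
  return 0;
}
static int pledge(const char* promises, const char* execpromises) {
  (void)promises;
  (void)execpromises;
  return 0;
}
#endif  // __OpenBSD__

/*
 * Apply one unveil(2) rule for `path` with the given permission string.
 * Terminates the process via err(3) (exit status 1, errno text appended)
 * if the kernel rejects the rule.
 */
static void unveil_or_die(const char* path, const char* permissions) {
  if (unveil(path, permissions) == -1) {
    err(1, "unveil: %s", path);
  }
}

/*
 * Restrict filesystem visibility to the listed paths using unveil(2).
 *
 * readonly_paths[0..readonly_paths_count)  become readable only ("r").
 * readwrite_paths[0..readwrite_paths_count) become readable, writable and
 * creatable ("rwc"). Either array may be NULL when its count is 0.
 *
 * After the rules are installed the restriction is locked with
 * unveil(NULL, NULL): no further unveil(2) calls are possible in this
 * process. Any failure terminates the process via err(3) with status 1.
 */
void restrict_filesystem_access(const char* readonly_paths[],
                                size_t readonly_paths_count,
                                const char* readwrite_paths[],
                                size_t readwrite_paths_count) {
  for (size_t i = 0; i < readonly_paths_count; i++) {
    unveil_or_die(readonly_paths[i], "r");
  }
  for (size_t i = 0; i < readwrite_paths_count; i++) {
    unveil_or_die(readwrite_paths[i], "rwc");
  }

  // Lock in the filesystem restrictions; the path argument is NULL here, so
  // this call deliberately does not go through unveil_or_die's "%s" message.
  if (unveil(NULL, NULL) == -1) {
    err(1, "unveil: failed to lock");
  }
}

/*
 * Reduce the process to the pledge(2) promise set selected by `type`.
 *
 * execpromises is passed as NULL, which leaves the exec promises unchanged
 * (none of the sets below grant "exec" or "proc" anyway). None of the sets
 * include the "unveil" promise either, so if both restrictions are used,
 * restrict_filesystem_access() has to run before this function — presumably
 * the caller's order; verify at the call site.
 *
 * An unknown `type` is a caller bug, not a failed system call, and is
 * reported with errx(3) so that a stale errno message is not appended.
 * A rejected pledge terminates the process via err(3). Both exit with 1.
 */
void restrict_system_operations(RestrictionType type) {
  const char* promises = NULL;
  switch (type) {
    case kGout:
      promises = "stdio rpath wpath cpath";
      break;
    case kGoutWithCachefile:
      promises = "stdio rpath wpath cpath fattr";
      break;
    case kGoutIndex:
      promises = "stdio rpath";
      break;
    default:
      // errx, not err: no syscall failed here, so errno carries nothing useful.
      errx(1, "unknown restriction: %d", (int)type);
  }
  if (pledge(promises, NULL) == -1) {
    err(1, "pledge");
  }
}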