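#include "security.h"

#include <assert.h>
#include <err.h>

#ifdef __OpenBSD__
#include <unistd.h>
#else
/*
 * unveil(2) and pledge(2) exist only on OpenBSD. On every other platform these
 * stubs succeed without restricting anything, so the sandbox set up below is
 * best-effort there: callers must not treat it as a security boundary outside
 * OpenBSD.
 */
static int unveil(const char* path, const char* permissions) {
  (void)path;
  (void)permissions;
  return 0;
}
static int pledge(const char* promises, const char* execpromises) {
  (void)promises;
  (void)execpromises;
  return 0;
}
#endif // __OpenBSD__

/*
 * Restrict the filesystem view of the process to the listed paths.
 *
 * readonly_paths  - paths unveiled with "r" (read only).
 * readwrite_paths - paths unveiled with "rwc" (read, write, create/remove).
 * Each array may be NULL only when its count is 0 (checked by assert, so the
 * contract is not enforced in NDEBUG builds).
 *
 * Once the paths are registered, unveil(NULL, NULL) locks the set: later
 * unveil() calls fail and any path not listed becomes invisible to the
 * process. With both counts 0 the whole filesystem is hidden. Any failure
 * (for instance a path that does not exist) terminates the process via
 * err(3), which appends strerror(errno).
 *
 * Call this before restrict_system_operations(): none of the promise sets
 * used there include "unveil", so on OpenBSD an unveil() issued after that
 * pledge would be treated as a pledge violation.
 */
void restrict_filesystem_access(const char* readonly_paths[],
                                size_t readonly_paths_count,
                                const char* readwrite_paths[],
                                size_t readwrite_paths_count) {
  assert(readonly_paths != NULL || readonly_paths_count == 0);
  assert(readwrite_paths != NULL || readwrite_paths_count == 0);

  for (size_t i = 0; i < readonly_paths_count; i++) {
    const char* path = readonly_paths[i];
    if (unveil(path, "r") == -1) {
      err(1, "unveil: %s", path);
    }
  }
  for (size_t i = 0; i < readwrite_paths_count; i++) {
    const char* path = readwrite_paths[i];
    if (unveil(path, "rwc") == -1) {
      err(1, "unveil: %s", path);
    }
  }

  // Lock in the filesystem restrictions: no further unveil() is possible.
  if (unveil(NULL, NULL) == -1) {
    err(1, "unveil: failed to lock");
  }
}

/*
 * Reduce the process to the pledge(2) promise set selected by `type`:
 *   kGout              - "stdio rpath wpath cpath"
 *   kGoutWithCachefile - the kGout set plus "fattr" (file-attribute changes)
 *   kGoutIndex         - "stdio rpath" (no write or create access)
 * No execpromises are set, so the restriction does not carry across execve.
 *
 * An unknown `type` is a programming error, not a failed system call, and is
 * reported with errx(3) so that an unrelated errno is not appended to the
 * message. A failing pledge() terminates the process via err(3).
 */
void restrict_system_operations(RestrictionType type) {
  const char* promises = NULL;
  switch (type) {
    case kGout:
      promises = "stdio rpath wpath cpath";
      break;
    case kGoutWithCachefile:
      promises = "stdio rpath wpath cpath fattr";
      break;
    case kGoutIndex:
      promises = "stdio rpath";
      break;
    default:
      // errx, not err: errno carries no information about this failure.
      errx(1, "unknown restriction type %d", (int)type);
  }
  if (pledge(promises, NULL) == -1) {
    err(1, "pledge");
  }
}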