Use stricter pledge promises if possible
This commit is contained in:
parent
e80b9a2c4a
commit
5243a7c955
|
@ -10,15 +10,22 @@ import (
|
||||||
)
|
)
|
||||||
|
|
||||||
func main() {
|
func main() {
|
||||||
err := unix.PledgePromises("unveil stdio rpath")
|
// We need less permissions on these conditions.
|
||||||
panicOnErr(err)
|
if len(os.Args) == 1 ||
|
||||||
|
os.Args[1] == "version" ||
|
||||||
|
os.Args[1] == "env" {
|
||||||
|
err := unix.PledgePromises("stdio")
|
||||||
|
panicOnErr(err)
|
||||||
|
} else {
|
||||||
|
err := unix.PledgePromises("unveil stdio rpath")
|
||||||
|
panicOnErr(err)
|
||||||
|
|
||||||
unveil()
|
unveil()
|
||||||
|
|
||||||
// Drop unveil from promises.
|
|
||||||
err = unix.PledgePromises("stdio rpath")
|
|
||||||
panicOnErr(err)
|
|
||||||
|
|
||||||
|
// Drop unveil from promises.
|
||||||
|
err = unix.PledgePromises("stdio rpath")
|
||||||
|
panicOnErr(err)
|
||||||
|
}
|
||||||
grus()
|
grus()
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue
Block a user