switch to using the protect lib
This commit is contained in:
Aaron Bieber
parent
0a5e8419ca
commit
7d5520b53d
3
go.mod
3
go.mod
|
|
@ -4,5 +4,6 @@ go 1.13
|
|||
|
||||
require (
|
||||
golang.org/x/crypto v0.0.0-20200204104054-c9f3fb736b72
|
||||
golang.org/x/sys v0.0.0-20200124204421-9fbb57f87de9
|
||||
golang.org/x/sys v0.0.0-20200501145240-bc7a7d42d5c3
|
||||
suah.dev/protect v0.1.0
|
||||
)
|
||||
|
|
|
|||
4
go.sum
4
go.sum
|
|
@ -6,4 +6,8 @@ golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5h
|
|||
golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||
golang.org/x/sys v0.0.0-20200124204421-9fbb57f87de9 h1:1/DFK4b7JH8DmkqhUk48onnSfrPzImPoVxuomtbT2nk=
|
||||
golang.org/x/sys v0.0.0-20200124204421-9fbb57f87de9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||
golang.org/x/sys v0.0.0-20200501145240-bc7a7d42d5c3 h1:5B6i6EAiSYyejWfvc5Rc9BbI3rzIsrrXfAQBWnYfn+w=
|
||||
golang.org/x/sys v0.0.0-20200501145240-bc7a7d42d5c3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
|
||||
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
|
||||
suah.dev/protect v0.1.0 h1:ZHFEMrLULY8qH5EJSTiqgKvjsG7z3wXLBBmxbAonp6g=
|
||||
suah.dev/protect v0.1.0/go.mod h1:ZSgyBM30JUwhVPWJzVHh0jlu5W6Qz1VR6tIhAzqJZ9Y=
|
||||
|
|
|
|||
12
main.go
12
main.go
|
|
@ -8,6 +8,7 @@ import (
|
|||
"strings"
|
||||
|
||||
"golang.org/x/crypto/openpgp"
|
||||
"suah.dev/protect"
|
||||
)
|
||||
|
||||
func errExit(err error) {
|
||||
|
|
@ -19,7 +20,6 @@ func errExit(err error) {
|
|||
}
|
||||
os.Exit(1)
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
func main() {
|
||||
|
|
@ -29,12 +29,12 @@ func main() {
|
|||
flag.StringVar(&pub, "pub", "", "path to pub file")
|
||||
flag.Parse()
|
||||
|
||||
pledge("stdio tty unveil rpath")
|
||||
protect.Pledge("stdio tty unveil rpath")
|
||||
|
||||
unveil(sig, "r")
|
||||
unveil(file, "r")
|
||||
unveil(pub, "r")
|
||||
unveilBlock()
|
||||
protect.Unveil(sig, "r")
|
||||
protect.Unveil(file, "r")
|
||||
protect.Unveil(pub, "r")
|
||||
protect.UnveilBlock()
|
||||
|
||||
fPub, err := os.Open(pub)
|
||||
errExit(err)
|
||||
|
|
|
|||
|
|
@ -1,7 +0,0 @@
|
|||
//+build !openbsd
|
||||
|
||||
package main
|
||||
|
||||
func pledge(promises string) {}
|
||||
func unveil(path string, flags string) {}
|
||||
func unveilBlock() {}
|
||||
|
|
@ -1,28 +0,0 @@
|
|||
package main
|
||||
|
||||
import (
|
||||
"log"
|
||||
|
||||
"golang.org/x/sys/unix"
|
||||
)
|
||||
|
||||
func pledge(promises string) {
|
||||
err := unix.PledgePromises(promises)
|
||||
if err != nil {
|
||||
log.Fatal(err)
|
||||
}
|
||||
}
|
||||
|
||||
func unveil(path string, flags string) {
|
||||
err := unix.Unveil(path, flags)
|
||||
if err != nil {
|
||||
log.Fatal(err)
|
||||
}
|
||||
}
|
||||
|
||||
func unveilBlock() {
|
||||
err := unix.UnveilBlock()
|
||||
if err != nil {
|
||||
log.Fatal(err)
|
||||
}
|
||||
}
|
||||
Loading…
Reference in New Issue