Renaud Allard <ren...@allard.it> wrote:

> This is a small patch to try to add a basic pledge() to exim. It also
> avoids exim from calling some "inappropriate" ioctls.
> This seems to run fine on my server, but I would like a wider testing
> and bug reporting if possible.

I'll step in and say I am really sceptical this diff works in all usage
cases, and if it does not work for all usage cases, then it is wrong
because the program will terminate unexpectedly in those cases (and
who knows, drop mail, leave lock files around, who knows).

It is very rare for pledge to be added to an existing big program without
making the program worse.  If you really care for this, you need to establish
a test-setup and invest some major time checking all the behaviours, while
reading the source code with a cynical mindset.

Even then:

    if (pledge("stdio rpath wpath cpath inet fattr id proc"
          " tty exec flock unix dns getpw", NULL) == -1) {

What does it prevent the program from doing if it gets holed?  Not much.
That's close to not calling pledge at all.

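To make the point about the promise list concrete, this added example (not part of the original message or of the exim patch) tallies what the quoted pledge() call would still permit after a compromise. The CAP_* flags, the function names and the grouping of promises by impact are assumptions of the example; the promise names and the exec behaviour are from pledge(2).

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical flag names: what a compromised process could still do. */
enum {
    CAP_EXEC = 1, CAP_FORK = 2, CAP_NET = 4,   /* execve; fork/kill; inet sockets */
    CAP_FS_WRITE = 8, CAP_SETID = 16,          /* write/create files; setuid family */
    CAP_UNKNOWN = 32                           /* token not in the table below */
};
/* Promise names are from pledge(2); the impact grouping is this example's choice. */
static const struct { const char *name; int cap; } promise_caps[] = {
    {"exec", CAP_EXEC}, {"proc", CAP_FORK}, {"inet", CAP_NET},
    {"wpath", CAP_FS_WRITE}, {"cpath", CAP_FS_WRITE}, {"id", CAP_SETID},
    {"stdio", 0}, {"rpath", 0}, {"fattr", 0}, {"tty", 0}, {"flock", 0},
    {"unix", 0}, {"dns", 0}, {"getpw", 0}
};
/* The promise string quoted in the message above. */
static const char QUOTED[] = "stdio rpath wpath cpath inet fattr id proc"
                             " tty exec flock unix dns getpw";

/* Tokenize a promise string and OR together the capabilities it retains. */
int audit_promises(const char *promises)
{
    char buf[256];
    int caps = 0;
    size_t i, n = sizeof(promise_caps) / sizeof(promise_caps[0]);

    if (strlen(promises) >= sizeof(buf))
        return CAP_UNKNOWN;
    strcpy(buf, promises);
    for (char *tok = strtok(buf, " "); tok != NULL; tok = strtok(NULL, " ")) {
        for (i = 0; i < n && strcmp(tok, promise_caps[i].name) != 0; i++)
            ;
        caps |= (i < n) ? promise_caps[i].cap : CAP_UNKNOWN;
    }
    return caps;
}

/* Per pledge(2): with "exec" promised and no execpromises, the program
 * started by execve(2) runs with pledge inactive. */
int exec_escapes_pledge(const char *promises, const char *execpromises)
{
    return (audit_promises(promises) & CAP_EXEC) != 0 && execpromises == NULL;
}

int main(void)
{
    printf("retained caps: 0x%02x, exec'd child unpledged: %d\n",
           audit_promises(QUOTED), exec_escapes_pledge(QUOTED, NULL));
    return 0;
}
```

For the quoted call every flag in the example's table is set, and because the second argument is NULL, anything started through execve(2) begins with no pledge at all.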