On Thu, Jan 28, 2016 at 10:15:53PM -0500, Daniel Dickman wrote:
> On Thu, Jan 28, 2016 at 10:11 PM, Daniel Dickman <didick...@gmail.com> wrote:
> > On Thu, Jan 28, 2016 at 12:51 PM, Frederic Cambus <f...@statdns.com> wrote:
> >> Hi ports@,
> >>
> >> This diff adds support for pledge() to the current Lynx version.
> >>
> >> +
> >> ++ if (pledge("stdio tty cpath rpath wpath dns inet proc exec", NULL)
> >> == -1) {
> >> ++ err(EXIT_FAILURE, "pledge");
> >> ++ }
> >> ++
> >
> > i have ioctl in my local patch. is it not needed?
probably not. a quick grep only shows TIOCGWINSZ (which needs pledge
"tty") and FIONBIO ioctl calls. pledge ioctl in interactive programs is
usually a hint that "tty" was forgotten in earlier attempts with too
tight pledges.
> > is it possible to get rid of proc exec? I didn't add them on my end...
there are shell escapes, so they are probably needed. I don't really
use lynx myself, but it seems to me that it's worth investigating
tighter pledges conditionally on various "lynx -restriction=..."
options (hopefully those can't be changed at runtime).
> Also should it call "err" or "exit_immediately" on failure?
I agree that the latter looks like the right way to go.
