sure you'll get EPERM and you can call it a day :)
but if you no longer need to call unveil again and pledge is in place just
remove its promise and if you try to call it your program will nicely abort
instead :D
On 08:59 Thu 04 Aug , Bryan Steele wrote:
> On Thu, Aug 04, 2022 at 12:47:36PM +
On Thu, Aug 04, 2022 at 12:47:36PM +0100, Ricardo Mestre wrote:
> We are using pledge so if you don't remove the unveil permission it will be
> allowed throughtout the entire process, so please just change unveil(NULL,
> NULL)
> to old previous pledge("stdio rpath wpath cpath fattr sendfd").
>
>
We are using pledge so if you don't remove the unveil permission it will be
allowed throughtout the entire process, so please just change unveil(NULL, NULL)
to old previous pledge("stdio rpath wpath cpath fattr sendfd").
Thank you :)
On 12:29 Thu 04 Aug , Claudio Jeker wrote:
> On Thu, Aug 04
On Thu, Aug 04, 2022 at 12:24:03PM +0200, Theo Buehler wrote:
> On Thu, Aug 04, 2022 at 12:11:45PM +0200, Claudio Jeker wrote:
> > This diff adds unveil to the main process. This is done after all files
> > from the command line have been read. Both for regular and -f mode.
> > Once the args have b
On Thu, Aug 04, 2022 at 12:11:45PM +0200, Claudio Jeker wrote:
> This diff adds unveil to the main process. This is done after all files
> from the command line have been read. Both for regular and -f mode.
> Once the args have been read the process can limit the access to the
> cachedir and the ou
This diff adds unveil to the main process. This is done after all files
from the command line have been read. Both for regular and -f mode.
Once the args have been read the process can limit the access to the
cachedir and the output dir. In -f mode only read access to the cachdir is
required. In re