On Sun, Jul 29, 2018 at 08:43:22AM +0200, Matthieu Herrb wrote: > On Sun, Jul 29, 2018 at 07:28:19AM +0200, Sebastien Marie wrote: > > > > but to decide, we should know *what* triggered this behaviour. > > Hi, > > After digging a bit, there is at least the 'Print All Immediatly' > function from button 1 menu that will trigger the creation of a file > and violate the pledge. > > see xtermPrintImmediately() in print.c:789. The fopen() itself appears > in charToPrinter() on line 498 of the same file.
Hi Matthieu and Lauri, I didn't expected someone else did the homework of Leonid so quickly :) but thanks for digging in this problem. > Should this feature be disabled in xterm ? As xterm has an external upstream, just disabling the feature could be annoying for future merges. And such feature could be legitimate too. I would like to hear what others think about it. The problem is this command doesn't have switch we could use to decide if we add "cpath" in pledge(2) or not ; as we have already done for exec-formated or exec-selectable commands and "exec" promise. I wonder if unveil(2) could help here: unveiling for "cpath" only the directory where file creation could occurs ? But I need to check some points on unveil(2) first... Thanks. -- Sebastien Marie
