diff options
| author | Tim Kuijsten <info+git@netsend.nl> | 2019-11-21 02:15:41 +0100 |
|---|---|---|
| committer | Leah Neukirchen <leah@vuxu.org> | 2020-09-06 16:34:56 +0200 |
| commit | 4763032430834ff1d7dfe4293826cf845a71b990 (patch) | |
| tree | 113205e6ce5f84eaf5df1c9347ba0187fa93f3ed /mflow.c | |
| parent | 6bd687bfdc44bafdc18b96eaec0995e3254536f6 (diff) | |
| download | mblaze-4763032430834ff1d7dfe4293826cf845a71b990.tar.gz mblaze-4763032430834ff1d7dfe4293826cf845a71b990.tar.xz mblaze-4763032430834ff1d7dfe4293826cf845a71b990.zip | |
pledge(2) all programs
All programs except mshow have a very tight set of promises. mshow has a broad set of promises and might be a good future candidate to further restrict using unveil(2). This patch is based on commit 0300a112 by Alex Holst (dated 2017-12-07), which was proposed in GH PR #79. * pledged mpick, mflow and mdate so that now all programs are pledged * removed some unneeded promises and added some missing promises * move err.h include and OpenBSD ifdef into a new xpledge.h * cleaned up code aligning and whitespace Closes: #179 [via git-merge-pr]
Diffstat (limited to 'mflow.c')
| -rw-r--r-- | mflow.c | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/mflow.c b/mflow.c index 41db508..af6755d 100644 --- a/mflow.c +++ b/mflow.c @@ -10,6 +10,7 @@ #include <unistd.h> #include "blaze822.h" +#include "xpledge.h" int column = 0; int maxcolumn = 80; @@ -107,6 +108,8 @@ main(int argc, char *argv[]) int force = 0; int delsp = 0; + xpledge("stdio rpath tty", ""); + char *ct = getenv("PIPE_CONTENTTYPE"); if (ct) { char *s, *se; @@ -130,6 +133,8 @@ main(int argc, char *argv[]) } } + xpledge("stdio", ""); + char *maxcols = getenv("MAXCOLUMNS"); if (maxcols && isdigit(*maxcols)) { int m = atoi(maxcols); |