Capsicumize pom

Since pom is the only binary that can save lives, capsicumize it to be sure that it's safe to run it. Reviewed by: bapt
svn path=/head/; revision=317165
2017-04-19 20:27:48 +00:00 · 2017-04-19 20:27:48 +00:00 · 3756a6d8f8 · 2020-12-20 02:59:44 +00:00
commit 3756a6d8f8
parent ebb27fd055
1 changed files with 14 additions and 0 deletions
--- a/usr.bin/pom/pom.c
+++ b/usr.bin/pom/pom.c
@ -53,6 +53,11 @@ __FBSDID("$FreeBSD$");
 *
 */

+#include <sys/capsicum.h>
+#include <capsicum_helpers.h>
+
+#include <err.h>
+#include <errno.h>
 #include <stdio.h>
 #include <stdlib.h>
 #include <math.h>
@ -81,6 +86,7 @@ static void	usage(char *progname);
 int
 main(int argc, char **argv)
 {
+	cap_rights_t rights;
 	time_t tt;
 	struct tm GMT, tmd;
 	double days, today, tomorrow;
@ -88,6 +94,14 @@ main(int argc, char **argv)
 	char *odate = NULL, *otime = NULL;
 	char *progname = argv[0];

+	if (caph_limit_stdio() < 0)
+		err(1, "unable to limit capabitilities for stdio");
+	cap_rights_init(&rights, CAP_WRITE);
+
+	caph_cache_catpages();
+	if (cap_enter() < 0 && errno != ENOSYS)
+		err(1, "unable to enter capability mode");
+
 	while ((ch = getopt(argc, argv, "d:pt:")) != -1)
 		switch (ch) {
 		case 'd':