d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

add capsicum to units(1)

Browse Source
This commit is contained in:
Eitan Adler 2014-03-30 16:04:47 +00:00
parent f9374f0724
commit ac117d5d7e
Notes: svn2git 2020-12-20 02:59:44 +00:00 
svn path=/head/; revision=263940
1 changed files with 10 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
usr.bin/units/units.c
View File

@ -22,11 +22,14 @@ static const char rcsid[] =
#include <ctype.h>
#include <err.h>
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/capsicum.h>
#include "pathnames.h"
#define VERSION "1.0"
@ -112,6 +115,7 @@ readunits(const char *userfile)
FILE *unitfile;
char line[512], *lineptr;
int len, linenum, i;
cap_rights_t unitfilerights;
unitcount = 0;
linenum = 0;
@ -143,6 +147,12 @@ readunits(const char *userfile)
errx(1, "can't find units file '%s'", UNITSFILE);
}
}
if (cap_enter() < 0 && errno != ENOSYS)
err(1, "unable to enter capability mode");
cap_rights_init(&unitfilerights, CAP_READ, CAP_FSTAT);
if (cap_rights_limit(fileno(unitfile), &unitfilerights) < 0
&& errno != ENOSYS)
err(1, "cap_rights_limit() failed");
while (!feof(unitfile)) {
if (!fgets(line, sizeof(line), unitfile))
break;