Date: Sun, 30 Mar 2014 16:04:48 +0000 (UTC) From: Eitan Adler <eadler@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r263940 - head/usr.bin/units Message-ID: <201403301604.s2UG4mjn053407@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: eadler Date: Sun Mar 30 16:04:47 2014 New Revision: 263940 URL: http://svnweb.freebsd.org/changeset/base/263940 Log: add capsicum to units(1) Modified: head/usr.bin/units/units.c Modified: head/usr.bin/units/units.c ============================================================================== --- head/usr.bin/units/units.c Sun Mar 30 15:30:33 2014 (r263939) +++ head/usr.bin/units/units.c Sun Mar 30 16:04:47 2014 (r263940) @@ -22,11 +22,14 @@ static const char rcsid[] = #include <ctype.h> #include <err.h> +#include <errno.h> #include <stdio.h> #include <stdlib.h> #include <string.h> #include <unistd.h> +#include <sys/capsicum.h> + #include "pathnames.h" #define VERSION "1.0" @@ -112,6 +115,7 @@ readunits(const char *userfile) FILE *unitfile; char line[512], *lineptr; int len, linenum, i; + cap_rights_t unitfilerights; unitcount = 0; linenum = 0; @@ -143,6 +147,12 @@ readunits(const char *userfile) errx(1, "can't find units file '%s'", UNITSFILE); } } + if (cap_enter() < 0 && errno != ENOSYS) + err(1, "unable to enter capability mode"); + cap_rights_init(&unitfilerights, CAP_READ, CAP_FSTAT); + if (cap_rights_limit(fileno(unitfile), &unitfilerights) < 0 + && errno != ENOSYS) + err(1, "cap_rights_limit() failed"); while (!feof(unitfile)) { if (!fgets(line, sizeof(line), unitfile)) break;
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201403301604.s2UG4mjn053407>