Date: Sat, 20 Jul 2013 19:23:44 GMT From: dpl@FreeBSD.org To: svn-soc-all@FreeBSD.org Subject: socsvn commit: r254982 - soc2013/dpl/head/lib/libz Message-ID: <201307201923.r6KJNi1b031424@socsvn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: dpl Date: Sat Jul 20 19:23:44 2013 New Revision: 254982 URL: http://svnweb.FreeBSD.org/socsvn/?view=rev&rev=254982 Log: Zlib gzip code is limited now. Modified: soc2013/dpl/head/lib/libz/gzlib.c Modified: soc2013/dpl/head/lib/libz/gzlib.c ============================================================================== --- soc2013/dpl/head/lib/libz/gzlib.c Sat Jul 20 16:58:17 2013 (r254981) +++ soc2013/dpl/head/lib/libz/gzlib.c Sat Jul 20 19:23:44 2013 (r254982) @@ -18,6 +18,14 @@ #endif #endif +#if defined(__FreeBSD__) +# include <osreldate.h> +# if __FreeBSD_version >= 900041 +# define CAPSICUM +# include <sys/capability.h> +# endif +#endif + /* Local functions */ local void gz_reset OF((gz_statep)); local gzFile gz_open OF((const void *, int, const char *)); @@ -251,6 +259,10 @@ free(state); return NULL; } +#ifdef CAPSICUM + cap_rights_limit(state->fd, CAP_READ|CAP_SEEK|CAP_WRITE|CAP_FSTAT); + printf("CAPSICUM: fd %d limited\n", state->fd); +#endif if (state->mode == GZ_APPEND) state->mode = GZ_WRITE; /* simplify later checks */
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201307201923.r6KJNi1b031424>