scrut(1): adds support for pledge(2) and unveil(2)

src/scrut.c

@@ -20,8 +20,9 @@
 #include <stdio.h> /* fprintf(3), stderr, NULL */
 #include <stdlib.h> /* EXIT_FAILURE, EXIT_SUCCESS */
 #include <string.h> /* memset(3), strchr(3) */
-#include <sysexits.h> /* EX_USAGE */
+#include <sysexits.h> /* EX_OSERR, EX_USAGE */
-#include <unistd.h> /* access(3), getopt(3), F_OK, R_OK, W_OK, X_OK */
+#include <unistd.h> /* access(3), getopt(3), pledge(2), unveil(2), F_OK, R_OK,
+					 * W_OK, X_OK */
 #include <sys/stat.h> /* lstat(3), stat struct, S_ISBLK, S_ISCHR, S_ISDIR,
                        * S_ISFIFO, S_ISGID, S_ISREG, S_ISLNK, S_ISSOCK,
                        * S_ISUID, S_ISVTX */
@@ -40,7 +41,16 @@ usage(char *argv0) {
 int main(int argc, char *argv[]) {
 	char sel[(sizeof opts) / (sizeof *opts)];
 
-	if (argc < 2) { return usage(argv[0] == NULL ? program_name : argv[0]); }
+	program_name = argv[0] == NULL ? program_name : argv[0];
+
+#ifdef __OpenBSD__
+	if (pledge("rpath stdio unveil", NULL) == -1) {
+		perror(program_name);
+		return EX_OSERR;
+	}
+#endif
+
+	if (argc < 2) { return usage(program_name); }
 
 	{ /* option parsing */
 		char *p;
@@ -66,6 +76,13 @@ int main(int argc, char *argv[]) {
 	for (argv += optind ; *argv != NULL; ++argv) {
 		struct stat buf;
 
+#ifdef __OpenBSD__
+		if (unveil(*argv, "r") == -1) {
+			perror(program_name);
+			return EX_OSERR;
+		}
+#endif
+
 		if(access(*argv, F_OK) != 0 || lstat(*argv, &buf) == -1) {
 			return EXIT_FAILURE; /* doesn't exist or isn't stattable */
 		}