Compare commits
2 Commits
eae0b0352b
...
2f805cc942
Author | SHA1 | Date | |
---|---|---|---|
2f805cc942 | |||
70bec49127 |
@ -17,7 +17,7 @@
|
|||||||
*/
|
*/
|
||||||
|
|
||||||
use std::{
|
use std::{
|
||||||
ffi::{ CString, c_int },
|
ffi::CString,
|
||||||
io::Error,
|
io::Error,
|
||||||
ptr::null,
|
ptr::null,
|
||||||
};
|
};
|
||||||
@ -76,7 +76,10 @@ impl UnveilPerms {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
pub fn unveil(path: Option<&str>, permissions: Option<UnveilPerms>) -> c_int {
|
pub fn unveil(
|
||||||
|
path: Option<&str>,
|
||||||
|
permissions: Option<UnveilPerms>,
|
||||||
|
) -> Result<(), Error> {
|
||||||
let path_c = path.map(CString::new).map(Result::unwrap);
|
let path_c = path.map(CString::new).map(Result::unwrap);
|
||||||
let arg1 = path_c.map(|p| p.into_raw() as *const i8).unwrap_or(null());
|
let arg1 = path_c.map(|p| p.into_raw() as *const i8).unwrap_or(null());
|
||||||
|
|
||||||
@ -84,5 +87,11 @@ pub fn unveil(path: Option<&str>, permissions: Option<UnveilPerms>) -> c_int {
|
|||||||
.map(|p| p.0.into_raw() as *const i8)
|
.map(|p| p.0.into_raw() as *const i8)
|
||||||
.unwrap_or(null());
|
.unwrap_or(null());
|
||||||
|
|
||||||
unsafe { openbsd::unveil(arg1, arg2) }
|
unsafe {
|
||||||
|
match openbsd::unveil(arg1, arg2) {
|
||||||
|
-1 => Err(Error::from_raw_os_error(*openbsd::__errno())),
|
||||||
|
0 => Ok(()),
|
||||||
|
_ => panic!(), /* unreachable */
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
48
src/mm.rs
48
src/mm.rs
@ -33,6 +33,16 @@ use getopt::GetOpt;
|
|||||||
use strerror::StrError;
|
use strerror::StrError;
|
||||||
use sysexits::{ EX_IOERR, EX_USAGE };
|
use sysexits::{ EX_IOERR, EX_USAGE };
|
||||||
|
|
||||||
|
#[cfg(target_os="openbsd")] use sysexits::EX_OSERR;
|
||||||
|
#[cfg(target_os="openbsd")] extern crate openbsd;
|
||||||
|
#[cfg(target_os="openbsd")]
|
||||||
|
use openbsd::{
|
||||||
|
Promises,
|
||||||
|
UnveilPerms,
|
||||||
|
pledge,
|
||||||
|
unveil,
|
||||||
|
};
|
||||||
|
|
||||||
use ArgMode::*;
|
use ArgMode::*;
|
||||||
|
|
||||||
enum ArgMode { In, Out }
|
enum ArgMode { In, Out }
|
||||||
@ -41,6 +51,14 @@ fn main() -> ExitCode {
|
|||||||
let argv = args().collect::<Vec<_>>();
|
let argv = args().collect::<Vec<_>>();
|
||||||
let usage = format!("Usage: {} [-aetu] [-i input] [-o output]", argv[0]);
|
let usage = format!("Usage: {} [-aetu] [-i input] [-o output]", argv[0]);
|
||||||
|
|
||||||
|
if cfg!(target_os="openbsd") {
|
||||||
|
let promises = Promises::new("rpath stdio unveil");
|
||||||
|
if let Err(e) = pledge(Some(promises), None) {
|
||||||
|
eprintln!("{}: {}", argv[0], e.strerror());
|
||||||
|
return ExitCode::from(EX_OSERR as u8);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
let mut a = false; /* append to the file */
|
let mut a = false; /* append to the file */
|
||||||
let mut e = false; /* use stderr as an output */
|
let mut e = false; /* use stderr as an output */
|
||||||
let mut t = true; /* do not truncate the file before writing */
|
let mut t = true; /* do not truncate the file before writing */
|
||||||
@ -58,11 +76,29 @@ fn main() -> ExitCode {
|
|||||||
Ok("t") => t = false,
|
Ok("t") => t = false,
|
||||||
Ok("i") => { /* add inputs */
|
Ok("i") => { /* add inputs */
|
||||||
let input = opt.arg().unwrap();
|
let input = opt.arg().unwrap();
|
||||||
|
|
||||||
|
if cfg!(target_os="openbsd") {
|
||||||
|
let perms = UnveilPerms::new(vec!['r']);
|
||||||
|
if let Err(e) = unveil(Some(&input), Some(perms)) {
|
||||||
|
eprintln!("{}: {}", argv[0], e.strerror());
|
||||||
|
return ExitCode::from(EX_OSERR as u8);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
ins.push(input);
|
ins.push(input);
|
||||||
mode = Some(In); /* latest argument == -i */
|
mode = Some(In); /* latest argument == -i */
|
||||||
},
|
},
|
||||||
Ok("o") => { /* add output */
|
Ok("o") => { /* add output */
|
||||||
let output = opt.arg().unwrap();
|
let output = opt.arg().unwrap();
|
||||||
|
|
||||||
|
if cfg!(target_os="openbsd") {
|
||||||
|
let perms = UnveilPerms::new(vec!['w', 'c']);
|
||||||
|
if let Err(e) = unveil(Some(&output), Some(perms)) {
|
||||||
|
eprintln!("{}: {}", argv[0], e.strerror());
|
||||||
|
return ExitCode::from(EX_OSERR as u8);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
outs.push(output);
|
outs.push(output);
|
||||||
mode = Some(Out); /* latest argument == -o */
|
mode = Some(Out); /* latest argument == -o */
|
||||||
},
|
},
|
||||||
@ -86,11 +122,17 @@ fn main() -> ExitCode {
|
|||||||
Out => outs.push(arg.to_string()),
|
Out => outs.push(arg.to_string()),
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
} else {
|
|
||||||
eprintln!("{}", usage);
|
|
||||||
return ExitCode::from(EX_USAGE as u8);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if cfg!(target_os="openbsd") {
|
||||||
|
if let Err(e) = unveil(None, None) {
|
||||||
|
eprintln!("{}: {}", argv[0], e.strerror());
|
||||||
|
return ExitCode::from(EX_OSERR as u8);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
println!("{:?}", ins);
|
||||||
|
|
||||||
/* use stdin if no inputs are specified */
|
/* use stdin if no inputs are specified */
|
||||||
if ins.is_empty() { ins.push("-".to_string()); }
|
if ins.is_empty() { ins.push("-".to_string()); }
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user