Merge pull request #102 from omar-polo/simplify-pledge

tightens pledge(2) promises

src/gophernicus.c

@@ -564,6 +564,13 @@ int main(int argc, char *argv[])
 		sstrlcpy(st.server_root, buf);
 	}
 
+	/* Check if TCP wrappers have something to say about this connection */
+#ifdef HAVE_LIBWRAP
+	if (sstrncmp(st.req_remote_addr, UNKNOWN_ADDR) != MATCH &&
+		hosts_ctl(self, STRING_UNKNOWN, st.req_remote_addr, STRING_UNKNOWN) == WRAP_DENIED)
+		die(&st, ERR_ACCESS, "Refused connection");
+#endif
+
 #ifdef __OpenBSD__
 	/* unveil(2) support.
 	 *
@@ -612,14 +619,12 @@ int main(int argc, char *argv[])
 		/* pledge(2) never allows shared memory */
 		log_debug("shared-memory enabled, can't pledge(2)");
 	} else {
-		strlcpy(pledges,
-				"stdio rpath inet sendfd recvfd proc",
-				sizeof(pledges));
+		strlcpy(pledges, "stdio rpath", sizeof(pledges));
 
 		/* Executable maps shell-out using popen(3) */
 		if (st.opt_exec) {
-			strlcat(pledges, " exec", sizeof(pledges));
-			log_debug("executable gophermaps enabled, adding `exec' to pledge(2)");
+			strlcat(pledges, " proc exec", sizeof(pledges));
+			log_debug("executable gophermaps enabled, adding `proc exec' to pledge(2)");
 		}
 
 		/* Personal spaces require getpwnam(3) and getpwent(3) */
@@ -633,13 +638,6 @@ int main(int argc, char *argv[])
 	}
 #endif
 
-	/* Check if TCP wrappers have something to say about this connection */
-#ifdef HAVE_LIBWRAP
-	if (sstrncmp(st.req_remote_addr, UNKNOWN_ADDR) != MATCH &&
-		hosts_ctl(self, STRING_UNKNOWN, st.req_remote_addr, STRING_UNKNOWN) == WRAP_DENIED)
-		die(&st, ERR_ACCESS, "Refused connection");
-#endif
-
 	/* Make sure the computer is turned on */
 #ifdef __HAIKU__
 	if (is_computer_on() != TRUE)