72193d0da3
The heavy lifting and final touches were done by Frederic Cambus; this version includes earlier patches, ideas and tweaks from daniel@ and me.

ok daniel@, patch and notes from Frederic Cambus (MAINTAINER)

Notes :
-------

The idea is to avoid using otherwise required 'getpw', 'proc', 'exec' promises entirely. We achieve this by disabling a couple of features, mostly removing obsolete stuff.

While we are at it, we attempt to pave the way to be able to remove even more promises in the future, and reduce potential attack vectors.

We disable them either at compile time :

--disable-bibp-urls
--disable-dired
--disable-finger

Or by hardcoding boolean values to disable the features just before calling pledge and entering main program loop :

no_exec = TRUE;
no_mail = TRUE;
no_shell = TRUE;
rlogin_ok = FALSE;
telnet_ok = FALSE;

Manpage has been updated to mention those restrictions.

Also, CFLAGS="-DNOUSERS" was added in the Makefile to disable getpwnam and getpwuid.