Drop filesystem access iff possible

Log files and state save/restore both require read/write access to
the filesystem, both during start and exit.

If neither features are used, catgirl may run with "stdio tty".

1 files changed, 6 insertions, 4 deletions

diff --git a/chat.c b/chat.c
index b36223c..6458925 100644
--- a/chat.c
+++ b/chat.c
@@ -341,10 +341,12 @@ int main(int argc, char *argv[]) {
 	}
 
 #ifdef __OpenBSD__
-	if (self.restricted) {
-		error = pledge("stdio rpath wpath cpath tty", NULL);
-		if (error) err(EX_OSERR, "pledge");
-	}
+	char promises[64] = "stdio tty";
+	struct Cat cat = { promises, sizeof(promises), strlen(promises) };
+	if (save || logEnable) catf(&cat, " rpath wpath cpath");
+	if (!self.restricted) catf(&cat, " proc exec");
+	error = pledge(promises, NULL);
+	if (error) err(EX_OSERR, "pledge");
 #endif
 
 	struct pollfd fds[] = {