diff options
author | June McEnroe <june@causal.agency> | 2021-07-13 17:58:14 +0000 |
---|---|---|
committer | June McEnroe <june@causal.agency> | 2021-07-13 15:16:22 -0400 |
commit | 54d899196cf65e9954a3f5cc5da05af6afc82d3c (patch) | |
tree | 001d9dd6cd7c2a86897457040f840b25e5b90125 | |
parent | Disable /exec in Kiosk mode (as documented) (diff) | |
download | catgirl-54d899196cf65e9954a3f5cc5da05af6afc82d3c.tar.gz catgirl-54d899196cf65e9954a3f5cc5da05af6afc82d3c.zip |
FreeBSD: Avoid caph_stream_rights(3)
caph_stream_rights(3) doesn't exist before FreeBSD 13.0 and there's no good reason to create that dependency. I still run servers on FreeBSD 12. This is a partial revert of cbc9545cb3f76733030c867f32ddb6a922cd2907.
-rw-r--r-- | chat.c | 5 | ||||
-rw-r--r-- | log.c | 6 | ||||
-rw-r--r-- | ui.c | 3 |
3 files changed, 8 insertions, 6 deletions
diff --git a/chat.c b/chat.c index 5d9ad5e..f300315 100644 --- a/chat.c +++ b/chat.c @@ -324,10 +324,11 @@ int main(int argc, char *argv[]) { #ifdef __FreeBSD__ cap_rights_t rights; - caph_stream_rights(&rights, CAPH_WRITE); int error = 0 || caph_limit_stdin() - || caph_rights_limit(STDOUT_FILENO, cap_rights_set(&rights, CAP_IOCTL)) + || caph_rights_limit( + STDOUT_FILENO, cap_rights_init(&rights, CAP_WRITE, CAP_IOCTL) + ) || caph_limit_stderr() || caph_rights_limit( irc, cap_rights_init(&rights, CAP_SEND, CAP_RECV, CAP_EVENT) diff --git a/log.c b/log.c index e31c5fe..c13293a 100644 --- a/log.c +++ b/log.c @@ -54,8 +54,10 @@ void logOpen(void) { #ifdef __FreeBSD__ cap_rights_t rights; - caph_stream_rights(&rights, CAPH_WRITE); - cap_rights_set(&rights, CAP_MKDIRAT, CAP_CREATE); + cap_rights_init( + &rights, CAP_MKDIRAT, CAP_CREATE, CAP_WRITE, + /* for fdopen(3) */ CAP_FCNTL, CAP_FSTAT + ); int error = caph_rights_limit(logDir, &rights); if (error) err(EX_OSERR, "cap_rights_limit"); #endif diff --git a/ui.c b/ui.c index abf477c..da06342 100644 --- a/ui.c +++ b/ui.c @@ -1192,8 +1192,7 @@ void uiLoad(const char *name) { #ifdef __FreeBSD__ cap_rights_t rights; - caph_stream_rights(&rights, CAPH_READ | CAPH_WRITE); - cap_rights_set(&rights, CAP_FLOCK, CAP_FTRUNCATE); + cap_rights_init(&rights, CAP_READ, CAP_WRITE, CAP_FLOCK, CAP_FTRUNCATE); error = caph_rights_limit(fileno(saveFile), &rights); if (error) err(EX_OSERR, "cap_rights_limit"); #endif |