diff options
author | June McEnroe <june@causal.agency> | 2021-06-24 18:07:30 -0400 |
---|---|---|
committer | June McEnroe <june@causal.agency> | 2021-06-25 11:50:14 -0400 |
commit | b48d0d607ce3e4cf344dec5c94392b2a84f7f649 (patch) | |
tree | a8fb61af25b4ed066061bdd41612d14e9bfcb5c6 | |
parent | FreeBSD: Limit rights on stdio and socket (diff) | |
download | catgirl-b48d0d607ce3e4cf344dec5c94392b2a84f7f649.tar.gz catgirl-b48d0d607ce3e4cf344dec5c94392b2a84f7f649.zip |
FreeBSD: Limit rights on save file
-rw-r--r-- | ui.c | 14 |
1 files changed, 13 insertions, 1 deletions
diff --git a/ui.c b/ui.c index 9d67387..a3003df 100644 --- a/ui.c +++ b/ui.c @@ -48,6 +48,10 @@ #include <wchar.h> #include <wctype.h> +#ifdef __FreeBSD__ +#include <sys/capsicum.h> +#endif + #include "chat.h" // Annoying stuff from <term.h>: @@ -1181,11 +1185,19 @@ static ssize_t readString(FILE *file, char **buf, size_t *cap) { } void uiLoad(const char *name) { + int error; saveFile = dataOpen(name, "a+e"); if (!saveFile) exit(EX_CANTCREAT); rewind(saveFile); - int error = flock(fileno(saveFile), LOCK_EX | LOCK_NB); +#ifdef __FreeBSD__ + cap_rights_t rights; + cap_rights_init(&rights, CAP_READ, CAP_WRITE, CAP_FLOCK, CAP_FTRUNCATE); + error = cap_rights_limit(fileno(saveFile), &rights); + if (error) err(EX_OSERR, "cap_rights_limit"); +#endif + + error = flock(fileno(saveFile), LOCK_EX | LOCK_NB); if (error && errno == EWOULDBLOCK) { errx(EX_CANTCREAT, "%s: save file in use", name); } |