1 files changed, 14 insertions, 0 deletions

diff --git a/log.c b/log.c
index 415e1dc..fab5a41 100644
--- a/log.c
+++ b/log.c
@@ -38,6 +38,10 @@
 #include <time.h>
 #include <unistd.h>
 
+#ifdef __FreeBSD__
+#include <sys/capsicum.h>
+#endif
+
 #include "chat.h"
 
 static int logDir = -1;
@@ -47,6 +51,16 @@ void logOpen(void) {
 	const char *path = dataMkdir("log");
 	logDir = open(path, O_RDONLY | O_CLOEXEC);
 	if (logDir < 0) err(EX_CANTCREAT, "%s", path);
+
+#ifdef __FreeBSD__
+	cap_rights_t rights;
+	cap_rights_init(
+		&rights, CAP_MKDIRAT, CAP_CREATE, CAP_WRITE,
+		/* for fdopen(3) */ CAP_FCNTL, CAP_FSTAT
+	);
+	int error = cap_rights_limit(logDir, &rights);
+	if (error) err(EX_OSERR, "cap_rights_limit");
+#endif
 }
 
 static void logMkdir(const char *path) {