From 772c9789b785231e235e08af69da89273027cf70 Mon Sep 17 00:00:00 2001
From: Klemens Nanni <klemens@posteo.de>
Date: Fri, 11 Jun 2021 12:30:59 +0000
Subject: OpenBSD: Drop now unneeded file system access for save file

All opening happens before unveil/pledge and the file handle is kept
open read/write so it can be used without any pledge.

Simpler/less code and less chances to write other files (accidentially).
---
 chat.c | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

(limited to 'chat.c')

diff --git a/chat.c b/chat.c
index e6cd270..d92240d 100644
--- a/chat.c
+++ b/chat.c
@@ -283,16 +283,15 @@ int main(int argc, char *argv[]) {
 
 #ifdef __OpenBSD__
 	if (self.restricted) {
-		if (save || logEnable) {
+		if (logEnable) {
 			dataMkdir("");
 			unveilData("");
 		}
-		if (save) unveilData(save);
 	}
 
 	char promises[64] = "stdio tty";
 	char *ptr = &promises[strlen(promises)], *end = &promises[sizeof(promises)];
-	if (save || logEnable) ptr = seprintf(ptr, end, " wpath cpath");
+	if (logEnable) ptr = seprintf(ptr, end, " wpath cpath");
 	if (!self.restricted) ptr = seprintf(ptr, end, " proc exec");
 
 	char *promisesFinal = strdup(promises);
-- 
cgit 1.4.1