author | June McEnroe <june@causal.agency> | 2019-11-01 04:06:20 -0400 |
---|---|---|
committer | June McEnroe <june@causal.agency> | 2019-11-01 04:06:20 -0400 |
commit | 5390d7034648a947062147bf4caec0a06c521a6d (patch) | |
tree | 274c4cd03a05c884f20656adc0aa3f74949281ec | |
parent | Implement capsicum workaround for certbot (diff) | |
Limit saveFile to CAP_WRITE
-rw-r--r-- | bounce.c | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/bounce.c b/bounce.c
index b615b3c..06340fd 100644
--- a/bounce.c
+++ b/bounce.c
@@ -278,12 +278,15 @@ int main(int argc, char *argv[]) {
 int error = cap_enter();
 if (error) err(EX_OSERR, "cap_enter");
- cap_rights_t fileRights, sockRights, bindRights;
+ cap_rights_t saveRights, fileRights, sockRights, bindRights;
+ cap_rights_init(&saveRights, CAP_WRITE);
 cap_rights_init(&fileRights, CAP_FCNTL, CAP_FSTAT, CAP_LOOKUP, CAP_READ);
 cap_rights_init(&sockRights, CAP_EVENT, CAP_RECV, CAP_SEND, CAP_SETSOCKOPT);
 cap_rights_init(&bindRights, CAP_LISTEN, CAP_ACCEPT);
 cap_rights_merge(&bindRights, &sockRights);
+ error = cap_rights_limit(fileno(saveFile), &saveRights);
+ if (error) err(EX_OSERR, "cap_rights_limit");
 splitLimit(certSplit, &fileRights);
 splitLimit(privSplit, &fileRights);
 for (size_t i = 0; i < binds; ++i) { |
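Review bot: The added `cap_rights_limit(fileno(saveFile), &saveRights)` passes saveFile to fileno() unconditionally, so if the save file is optional and saveFile can still be NULL here (its setup is outside the hunk), the process dereferences a null pointer right after cap_enter(). Guarding the call, `if (saveFile) { error = cap_rights_limit(fileno(saveFile), &saveRights); if (error) err(EX_OSERR, "cap_rights_limit"); }`, keeps the restriction whenever a save file is open. A comment above `cap_rights_init(&saveRights, CAP_WRITE);` would also help, for example `// write-only: no CAP_SEEK/CAP_FTRUNCATE, so any later seek or truncate on saveFile fails with ENOTCAPABLE`; whether the save path needs either of those is not visible here and should be confirmed. main's body starts and ends outside the hunk.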