summary refs log tree commit diff
diff options
context:
space:
mode:
authorJune McEnroe <june@causal.agency>2020-08-27 21:49:31 -0400
committerJune McEnroe <june@causal.agency>2020-08-27 22:05:31 -0400
commite464b9fea27bc047f6ed5f08f604eea43acbdfc3 (patch)
treec202b15cdeb178046f252d9da3522cbfe6ef89d6
parentSandbox calico with pledge(2) and unveil(2) (diff)
downloadpounce-e464b9fea27bc047f6ed5f08f604eea43acbdfc3.tar.gz
pounce-e464b9fea27bc047f6ed5f08f604eea43acbdfc3.zip
Sandbox pounce with pledge(2)
unveil(2) is a bit complicated to apply to this, I'll have to think
about it more.
Diffstat
-rw-r--r--bounce.c13
1 files changed, 10 insertions, 3 deletions
diff --git a/bounce.c b/bounce.c
index 924a01b..1ef3890 100644
--- a/bounce.c
+++ b/bounce.c
@@ -284,6 +284,8 @@ static void eventRemove(size_t i) {
 }
 
 int main(int argc, char *argv[]) {
+	int error;
+
 	size_t ringSize = 4096;
 	const char *savePath = NULL;
 
@@ -427,6 +429,11 @@ int main(int argc, char *argv[]) {
 		errx(EX_CONFIG, "password must be hashed with -x");
 	}
 
+#ifdef __OpenBSD__
+	error = pledge("stdio rpath wpath cpath inet flock unix dns recvfd", NULL);
+	if (error) err(EX_OSERR, "pledge");
+#endif
+
 	ringAlloc(ringSize);
 	if (savePath) saveLoad(savePath);
 
@@ -453,7 +460,7 @@ int main(int argc, char *argv[]) {
 	int server = serverConnect(serverBindHost, host, port);
 
 #ifdef __FreeBSD__
-	int error = cap_enter();
+	error = cap_enter();
 	if (error) err(EX_OSERR, "cap_enter");
 
 	cap_rights_t saveRights, fileRights, sockRights, bindRights;
@@ -489,7 +496,7 @@ int main(int argc, char *argv[]) {
 	signal(SIGUSR1, signalHandler);
 
 	for (size_t i = 0; i < binds; ++i) {
-		int error = listen(bind[i], -1);
+		error = listen(bind[i], -1);
 		if (error) err(EX_IOERR, "listen");
 		eventAdd(bind[i], NULL);
 	}
@@ -525,7 +532,7 @@ int main(int argc, char *argv[]) {
 					continue;
 				}
 
-				int error = tls_handshake(tls);
+				error = tls_handshake(tls);
 				if (error) {
 					warnx("tls_handshake: %s", tls_error(tls));
 					tls_free(tls);
generated by cgit-pink 1.4.1 (git 2.36.1) at 2025-05-18 18:17:56 +0000
2a0f2eea92867b20502c70716b1400f33f&follow=1'>Add a bunch of photosJune McEnroe 2024-10-12Publish "film review"June McEnroe 2024-10-12Add photos from October 6June McEnroe 2024-10-12Add photos from October 5June McEnroe 2024-10-09Add photos from October 1June McEnroe Ok the first 3 are from September 29 but I didn't want to spoil the black and white roll. 2024-10-07Add photos from September 29June McEnroe 2024-10-07Add photos from September 28June McEnroe 2024-10-07Add photos from September 22June McEnroe 2024-09-25Add photos from September 15June McEnroe 2024-09-24Add photos from September 14June McEnroe 2024-09-24Add photos from September 12June McEnroe 2024-09-24Add photos from September 7June McEnroe 2024-09-24Allow not having descriptionsJune McEnroe I'm sorry, I can't keep writing descriptions. It makes posting photos take too long, I often don't know the words for what I'm looking at, and a good description is an entirely different work of art than the photo I took, and I'm just a photographer. It's visual art. 2024-09-23Automatically select the last used lens for a bodyJune McEnroe 2024-09-19Add photos from September 5June McEnroe Had to prefix the folder number onto these file names manually because they must have come out of a different scanner or something. 2024-09-15Add some more film stocks to the listJune McEnroe 2024-09-13Add photos from September 2June McEnroe 2024-09-13Add Fomapan 200 to films listJune McEnroe 2024-09-10Add August 29 picnic photosJune McEnroe 2024-09-08Apply some bold to trips renderingJune McEnroe This seems easier to visually scan. The only other thing I'd like is a nicer date rendering but JavaScript is useless for that. 2024-09-08Render trips hopefully more efficientlyJune McEnroe 2024-09-08Allow removing bodies and lensesJune McEnroe 2024-09-08Limit body width so it looks less silly on desktopJune McEnroe 2024-09-07Handle no film being loadedJune McEnroe 2024-09-07Fancy up the text a littleJune McEnroe