From 5390d7034648a947062147bf4caec0a06c521a6d Mon Sep 17 00:00:00 2001
From: Curtis McEnroe
Date: Fri, 1 Nov 2019 04:06:20 -0400
Subject: Limit saveFile to CAP_WRITE
---
 bounce.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)
(limited to 'bounce.c')
diff --git a/bounce.c b/bounce.c
index b615b3c..06340fd 100644
--- a/bounce.c
+++ b/bounce.c
@@ -278,12 +278,15 @@ int main(int argc, char *argv[]) {
 int error = cap_enter();
 if (error) err(EX_OSERR, "cap_enter");
- cap_rights_t fileRights, sockRights, bindRights;
+ cap_rights_t saveRights, fileRights, sockRights, bindRights;
+ cap_rights_init(&saveRights, CAP_WRITE);
 cap_rights_init(&fileRights, CAP_FCNTL, CAP_FSTAT, CAP_LOOKUP, CAP_READ);
 cap_rights_init(&sockRights, CAP_EVENT, CAP_RECV, CAP_SEND, CAP_SETSOCKOPT);
 cap_rights_init(&bindRights, CAP_LISTEN, CAP_ACCEPT);
 cap_rights_merge(&bindRights, &sockRights);
+ error = cap_rights_limit(fileno(saveFile), &saveRights);
+ if (error) err(EX_OSERR, "cap_rights_limit");
 splitLimit(certSplit, &fileRights);
 splitLimit(privSplit, &fileRights);
 for (size_t i = 0; i < binds; ++i) {
-- cgit 1.4.1
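Review bot: The added `cap_rights_limit(fileno(saveFile), &saveRights)` call uses `saveFile` unconditionally, and the hunk does not show where it is opened; if the save file is optional and can still be NULL at this point, `fileno(NULL)` would crash right after `cap_enter()`. If that case exists, wrap the two added lines in `if (saveFile) { ... }` so the limit is applied only to an open stream. The `cap_rights_init(&saveRights, CAP_WRITE)` line also deserves a comment such as `// write-only: lseek/ftruncate on saveFile after this point fail with ENOTCAPABLE`, because CAP_WRITE without CAP_SEEK or CAP_FTRUNCATE constrains how the save path may write, and that is not obvious from the call site. `main` begins and ends outside the hunk, so the code that opens and later writes `saveFile` should be checked against both points.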