authorLasse Collin <lasse.collin@tukaani.org>2022-10-25 21:11:58 +0300
committerLasse Collin <lasse.collin@tukaani.org>2022-10-25 21:30:48 +0300
commit563288ea705e83ff5cb292adf794650c263bca1d (patch)
tree4e44dd5f1842361d331db7564005700667a3af3c /src/xz/file_io.c
parentxz: Fix decompressor behavior if input uses an unsupported check type. (diff)
downloadxz-563288ea705e83ff5cb292adf794650c263bca1d.tar.xz
xz: Add support for OpenBSD's pledge() sandbox.
Diffstat (limited to 'src/xz/file_io.c')
-rw-r--r--src/xz/file_io.c11
1 files changed, 11 insertions, 0 deletions
diff --git a/src/xz/file_io.c b/src/xz/file_io.c
index 046ca7e3..61857029 100644
--- a/src/xz/file_io.c
+++ b/src/xz/file_io.c
@@ -212,6 +212,17 @@ io_sandbox_enter(int src_fd)
if (cap_enter())
goto error;
+#elif defined(HAVE_PLEDGE)
+ // pledge() was introduced in OpenBSD 5.9.
+ //
+ // main() unconditionally calls pledge() with fairly relaxed
+ // promises which work in all situations. Here we make the
+ // sandbox more strict.
+ if (pledge("stdio", ""))
+ goto error;
+
+ (void)src_fd;
+
#else
# error ENABLE_SANDBOX is defined but no sandboxing method was found.
#endif
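Review bot: The new comment in the `HAVE_PLEDGE` branch says the sandbox becomes "more strict" but not what that costs the rest of the program. Once `pledge("stdio", "")` succeeds, a later call outside that promise (opening another file, `unlink()`, `fchown()` or similar attribute copying) does not return an error; the kernel kills the process. The branch is therefore only safe if the caller enters the sandbox when no further files or attribute changes are needed. That precondition, and the `error:` label this branch jumps to, are outside the hunk, so I could not confirm either from here. I would add something like `// From here on only "stdio" syscalls are allowed; anything else (open, unlink, fchown, ...) aborts the process, so the caller must not need them after this point.`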