leahneukirchen / mblaze

Unix utilities to deal with Maildir

pledge(2) all programs #179

Closed timkuijsten closed 3 years ago

timkuijsten commented 4 years ago

I have checked all pledge calls and added some to ensure all main() functions are pledged as tight as possible.

The only program remaining with a broad pledge is mshow (full filesystem access plus fork/exec). I think the most important improvement there would be to use unveil(2), but I consider adding support for unveil a separate endeavour.

I've been running this code without problems since December (with the exception of mdate which I just pledged), although I have only just rebased my work on all changes that happened in 2020 on master.

/cc @holsta

leahneukirchen commented 4 years ago

xpledge should be static. Why is including err.h everywhere required?

leahneukirchen commented 4 years ago

Instead of changing _XOPEN_SOURCE, please define _BSD_SOURCE where needed (i.e. in xpledge.h)

timkuijsten commented 4 years ago

Thanks for looking at the PR.

> xpledge should be static. Why is including err.h everywhere required?

Both fixed now.

> Instead of changing _XOPEN_SOURCE, please define _BSD_SOURCE where needed (i.e. in xpledge.h)

I've restored the _XOPEN_SOURCE definition in mscan.h and defined _BSD_SOURCE in xpledge.h. I did have to hoist the xpledge.h include in mscan to make sure pledge(3) is defined. This fixes the issue. (I'm not quite sure why the same warning isn't triggered in mpick.c where _XOPEN_SOURCE is also set and unistd.h is included before xpledge.h)
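The wrapper pattern discussed in this thread, as an added example (not mblaze's own xpledge.h and not code from this PR): a static `xpledge()` that defines `_BSD_SOURCE` before any system header, keeps `err.h` out of non-OpenBSD builds, and is called twice so the promises narrow once the input file is open. The function `count_lines_pledged` and the promise strings used are assumptions chosen for illustration.

```c
/* Added example: hypothetical pledge wrapper, not mblaze's own xpledge.h. */
#ifdef __OpenBSD__
#ifndef _BSD_SOURCE
#define _BSD_SOURCE /* before any system header, so <unistd.h> declares pledge() */
#endif
#include <err.h>
#include <unistd.h>
#endif
#include <stdio.h>

/* static: every program that includes this gets its own copy, nothing to link.
 * Returns 1 if the process is now pledged, 0 where pledge(2) does not exist. */
static int xpledge(const char *promises, const char *execpromises)
{
#ifdef __OpenBSD__
	if (pledge(promises, execpromises) == -1)
		err(1, "pledge");	/* refuse to keep running unconfined */
	return 1;
#else
	(void)promises; (void)execpromises;
	return 0;
#endif
}

/* Shape of a read-only tool's main(): call once per process, because promises
 * can only be narrowed and "rpath" cannot be regained after it is dropped.
 * Returns the number of lines in path, or -1 if it cannot be opened. */
static long count_lines_pledged(const char *path)
{
	FILE *f;
	long n = 0;
	int c;

	xpledge("stdio rpath", NULL);	/* before any untrusted input is parsed */
	if ((f = fopen(path, "r")) == NULL)
		return -1;
	xpledge("stdio", NULL);		/* file is open: drop filesystem access */
	while ((c = getc(f)) != EOF)
		if (c == '\n')
			n++;
	fclose(f);
	return n;
}

int main(int argc, char *argv[])
{
	if (argc != 2)
		return 2;
	printf("%ld\n", count_lines_pledged(argv[1]));
	return 0;
}
```

On systems without pledge(2) the wrapper compiles to a no-op, so the same source builds everywhere while OpenBSD builds abort if the pledge call fails.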

leahneukirchen commented 4 years ago

I would like to merge this. Can you squash it down?

leahneukirchen commented 3 years ago

Merged with small fixes.

timkuijsten commented 3 years ago

super! thanks! :)