Le Wed, Nov 08, 2023 at 01:49:56PM +0000, Klemens Nanni a écrit :
> Started by D-Bus, this upowerd(8) runs as root without the usual
> OpenBSD security considerations.
>
> upowerd(8) used to support scripts, but deprecated them in 2013.
> I don't see any other code that would fork or exec stuff.
>
> apm(4) ioctls is not covered by pledge(2), sensors readying via
> sysctl(2) should be, though.
>
> So as with openbsdisks2, unveil("/", "rwc") to strip the x bit.
>
> `upower --monitor-detail' and replugging my notebook's power cable
> still provides all the details.
>
> Works for me on Xfce.
> Feedback? Objection? OK?
if you want to go down that road, barring any glib madness about various
~/.cache or .local stuff, upower itself should only need wc on
/var/db/upower/
Landry
