Re: Exec pledges

2017-10-08 Thread Theo de Raadt
> I wrote some patches to allow pledging across execs.
> Currently, the exec pledge passes down the process tree.
>
> The initial version simply inherited the current pledge when
> execing with the `pledge("rexec")` promise, but after
> discussing with Theo at EuroBSD, a better design was
> sugges

Re: Exec pledges

2017-10-08 Thread Hiltjo Posthuma
On Sun, Oct 08, 2017 at 02:43:48AM -0700, Ori Bernstein wrote: > And pax, because I can > > > > > diff --git bin/pax/ar_io.c bin/pax/ar_io.c > index 40a6492405e..ce53a9ae51b 100644 > --- bin/pax/ar_io.c > +++ bin/pax/ar_io.c > @@ -1281,6 +1281,11 @@ ar_start_gzip(int fd, const char

Re: Exec pledges

2017-10-08 Thread Ori Bernstein
And pax, because I can diff --git bin/pax/ar_io.c bin/pax/ar_io.c index 40a6492405e..ce53a9ae51b 100644 --- bin/pax/ar_io.c +++ bin/pax/ar_io.c @@ -1281,6 +1281,11 @@ ar_start_gzip(int fd, const char *path, int wr) /* System compressors are more likely to use pledge(

Re: Exec pledges

2017-10-08 Thread Ori Bernstein
Slowcgi. Because if someone could fool it into running the wrong binary, the outcome may be suboptimal. diff --git usr.sbin/slowcgi/slowcgi.8 usr.sbin/slowcgi/slowcgi.8 index d3ab4030bed..f8f07630204 100644 --- usr.sbin/slowcgi/slowcgi.8 +++ usr.sbin/slowcgi/slowcgi.8 @@ -24,6 +24,7

Re: Exec pledges

2017-10-08 Thread Ori Bernstein
This is my pledge(1). There are many like it, but this one is mine.

When directory pledges land, this should also get support for them.

Usage example:

    pledge stdio echo hello world

More complicated, with enough pledges to run awk:

    pledge "stdio rpath wpath cpath proc exec prot_e

Exec pledges

2017-10-08 Thread Ori Bernstein
even better. 'pledge stdio echo hi' works just fine.
- The third patch adds the ability to pledge programs running under slowcgi.
- The fourth patch exec-pledges pax. I'm not sure I got the pledges right, so more careful review would be appreciated. I grabbed the pledges