summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--src/core/capsicum.c8
1 files changed, 8 insertions, 0 deletions
diff --git a/src/core/capsicum.c b/src/core/capsicum.c
index 3b0708cb..1c5c59da 100644
--- a/src/core/capsicum.c
+++ b/src/core/capsicum.c
@@ -37,6 +37,7 @@
#include <sys/nv.h>
#include <sys/procdesc.h>
#include <sys/socket.h>
+#include <capsicum_helpers.h>
#include <string.h>
#define OPCODE_CONNECT 1
@@ -410,6 +411,13 @@ static void cmd_capsicum_enter(void)
*/
signal(SIGCHLD, SIG_IGN);
+ error = caph_limit_stdio();
+ if (error != 0) {
+ g_warning("caph_limit_stdio(3) failed: %s", strerror(errno));
+ signal_emit("capability mode failed", 1, strerror(errno));
+ return;
+ }
+
error = cap_enter();
if (error != 0) {
signal_emit("capability mode failed", 1, strerror(errno));
generated by cgit v1.2.3 (git 2.25.1) at 2025-01-15 07:38:21 +0000