diff options
| author | Andreas Kling <kling@serenityos.org> | 2020-01-20 22:21:41 +0100 |
|---|---|---|
| committer | Andreas Kling <kling@serenityos.org> | 2020-01-20 22:21:41 +0100 |
| commit | cec0268ffab8a2e9d9b5b2ad742310d629f2fe60 (patch) | |
| tree | 8fddf7a19e1ff94c8129c2a7df8c2e5a1adf78da | |
| parent | 02406b7305e609a48e2d737ce28480e35fccb540 (diff) | |
| download | serenity-cec0268ffab8a2e9d9b5b2ad742310d629f2fe60.zip | |
id: Use unveil()
And so "id" becomes our first user of unveil(), giving himself access
to read /etc/passwd and /etc/group :^)
| -rw-r--r-- | Userland/id.cpp | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/Userland/id.cpp b/Userland/id.cpp index e37ed60e58..6403bf3382 100644 --- a/Userland/id.cpp +++ b/Userland/id.cpp @@ -40,6 +40,21 @@ static bool flag_print_gid_all = false; int main(int argc, char** argv) { + if (unveil("/etc/passwd", "r") < 0) { + perror("unveil"); + return 1; + } + + if (unveil("/etc/group", "r") < 0) { + perror("unveil"); + return 1; + } + + if (unveil(nullptr, nullptr) < 0) { + perror("unveil"); + return 1; + } + if (pledge("stdio rpath", nullptr) < 0) { perror("pledge"); return 1; |