Fix pledge() usage

2018-07-07 20:50:44 +02:00 · 2018-07-07 20:50:44 +02:00 · 17e07d80bb
parent 35e4d36f67
commit 17e07d80bb
3 changed files with 13 additions and 3 deletions
--- a/dnscrypt-proxy/pledge_openbsd.go
+++ b/dnscrypt-proxy/pledge_openbsd.go
@ -2,9 +2,14 @@

 package main

-import "golang.org/x/sys/unix"
+import (
+	"golang.org/x/sys/unix"
+)

 func Pledge() {
-	unix.Pledge("stdio rpath wpath cpath tmppath inet fattr flock dns getpw sendfd recvfd proc exec id",
-		"stdio rpath wpath cpath tmppath inet fattr flock dns recvfd")
+	unix.Pledge("stdio rpath wpath cpath tmppath inet fattr flock dns getpw sendfd recvfd proc exec id", nil)
+}
+
+func PledgeChild() {
+	unix.Pledge("stdio rpath wpath cpath tmppath inet fattr flock dns recvfd", nil)
 }
--- a/dnscrypt-proxy/pledge_others.go
+++ b/dnscrypt-proxy/pledge_others.go
@ -5,3 +5,7 @@ package main
 func Pledge() {

 }
+
+func PledgeChild() {
+
+}
--- a/dnscrypt-proxy/privilege_others.go
+++ b/dnscrypt-proxy/privilege_others.go
@ -39,6 +39,7 @@ func (proxy *Proxy) dropPrivilege(userStr string, fds []*os.File) {
 	}

 	SystemDNotify()
+	PledgeChild()

 	args = args[1:]
 	args = append(args, "-child")