diff options
| author | Andinus <andinus@nand.sh> | 2020-04-25 18:31:04 +0530 |
|---|---|---|
| committer | Andinus <andinus@nand.sh> | 2020-04-25 18:31:04 +0530 |
| commit | 7d6f99c4c6ec7a4632c0d473b11015aa1701c582 (patch) | |
| tree | d7db17c279e9e1c15c334937fc7e4366cbcca6f3 | |
| parent | f08234ef2fdc0df9548e8e218fc5232b08552e81 (diff) | |
| download | pavo-7d6f99c4c6ec7a4632c0d473b11015aa1701c582.tar.gz | |
Fix logical error & unveil other necessary paths
| -rw-r--r-- | unveil.go | 17 |
1 files changed, 16 insertions, 1 deletions
diff --git a/unveil.go b/unveil.go index 99a9a82..b50c438 100644 --- a/unveil.go +++ b/unveil.go @@ -30,11 +30,26 @@ func blockUnveil() { // initUnveil initializes unveil for inital use. func initUnveil() { - err := lynx.Unveil(configFile, "rc") + err := lynx.Unveil(configFile(), "rc") if err != nil { fmt.Printf("%s :: %s", "Unveil configFile failed", err.Error()) os.Exit(1) } + + // os.Exec fails if "/dev/null" is not unveiled & for some + // reason it calls "/dev/urandom" inititally so we unveil it + // too because there should be no harm in doing so. + paths := make(map[string]string) + paths["/dev/null"] = "r" + paths["/dev/urandom"] = "r" + + err = lynx.UnveilPaths(paths) + if err != nil { + fmt.Printf("%s :: %s", + "Unveil failed", + err.Error()) + os.Exit(1) + } } |