From e706dbbed570099eab64d878b507b903b5d29a7f Mon Sep 17 00:00:00 2001 From: Andinus Date: Sun, 10 May 2020 01:20:15 +0530 Subject: Refine pledge permissions --- pictor.pl | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/pictor.pl b/pictor.pl index f271d9f..fec65d4 100755 --- a/pictor.pl +++ b/pictor.pl @@ -6,7 +6,8 @@ use feature 'say'; use OpenBSD::Pledge; use OpenBSD::Unveil; -pledge( qw( rpath unveil ) ) or +# Inititalize pledge. +pledge( qw( stdio rpath unveil ) ) or die "Unable to pledge: $!"; # $term will store the user input. @@ -43,8 +44,8 @@ foreach my $fn (@files) { unveil() or die "Unable to lock unveil: $!"; -# drop pledge permissions -pledge( qw( rpath )) or +# Drop unveil permission. +pledge( qw( stdio rpath ) ) or die "Unable to pledge: $!"; # $total_acronyms will hold the total number of acronyms we find. @@ -71,10 +72,15 @@ foreach my $fn (@files) { } } +# Drop rpath permission. +pledge( qw( stdio ) ) or + die "Unable to pledge: $!"; + # Print an error message if we don't find any match. say STDERR "I don't know what '$term' means!" and exit 1 unless $total_acronyms; +# Drop pledge permissions. pledge() or die "Unable to pledge: $!"; -- cgit 1.4.1-2-gfad0