tmux can call pledge() in main with large set and then reduce it

slightly in the server to "stdio rpath wpath cpath fattr unix recvfd proc exec tty ps".
2024-11-08 01:04:06 +01:00 · 2015-10-23 16:07:29 +00:00 · 2015-10-23 16:07:29 +00:00 · 5383b047d1
commit 5383b047d1
parent 14da999408
2 changed files with 9 additions and 0 deletions
--- a/server.c
+++ b/server.c
@ -178,6 +178,10 @@ server_start(struct event_base *base, int lockfd, char *lockfile)
 	}
 	close(pair[0]);

+	if (pledge("stdio rpath wpath cpath fattr unix recvfd proc exec tty "
+	    "ps", NULL) != 0)
+		fatal("pledge failed");
+
 	/*
 	 * Must daemonise before loading configuration as the PID changes so
 	 * $TMUX would be wrong for sessions created in the config file.
--- a/tmux.c
+++ b/tmux.c
@ -19,6 +19,7 @@
 #include <sys/types.h>
 #include <sys/stat.h>

+#include <err.h>
 #include <errno.h>
 #include <event.h>
 #include <fcntl.h>
@ -254,6 +255,10 @@ main(int argc, char **argv)
 	if (shell_cmd != NULL && argc != 0)
 		usage();

+	if (pledge("stdio rpath wpath cpath flock fattr unix sendfd recvfd "
+	    "proc exec tty ps", NULL) != 0)
+		err(1, "pledge");
+
 	if (!(flags & CLIENT_UTF8)) {
 		/*
 		 * If the user has set whichever of LC_ALL, LC_CTYPE or LANG