author | Mariusz Zaborski <oshogbo@FreeBSD.org> | 2018-11-12 17:47:51 +0000 |
---|---|---|
committer | Mariusz Zaborski <oshogbo@FreeBSD.org> | 2018-11-12 17:47:51 +0000 |
commit | 9e4c5144e6ad7f3c51465bf92a0101d1e5afe845 (patch) | |
tree | 2654d106cb64c26ca3d6057d8e6b48aa9611c403 /usr.bin/wc | |
parent | cdd6ea94b0a4ec29cfaf5243fd52fd032da92bf6 (diff) | |
wc: sandbox wc using capsicum
Reviewed by: AllanJude, emaste
Differential Revision: https://reviews.freebsd.org/D14409
Notes
Notes:
svn path=/head/; revision=340374
Diffstat (limited to 'usr.bin/wc')
-rw-r--r-- | usr.bin/wc/Makefile | 8 | ||||
-rw-r--r-- | usr.bin/wc/wc.c | 30 |
2 files changed, 37 insertions, 1 deletions
diff --git a/usr.bin/wc/Makefile b/usr.bin/wc/Makefile index 540e33d15c926..550b718e1478a 100644 --- a/usr.bin/wc/Makefile +++ b/usr.bin/wc/Makefile @@ -1,7 +1,15 @@ # @(#)Makefile 8.1 (Berkeley) 6/6/93 # $FreeBSD$ +.include <src.opts.mk> + PROG= wc LIBADD= xo +.if ${MK_CASPER} != "no" +LIBADD+= casper +LIBADD+= cap_fileargs +CFLAGS+=-DWITH_CASPER +.endif + .include <bsd.prog.mk> diff --git a/usr.bin/wc/wc.c b/usr.bin/wc/wc.c index c2990035c0c7e..196d6f488a815 100644 --- a/usr.bin/wc/wc.c +++ b/usr.bin/wc/wc.c @@ -44,9 +44,11 @@ static char sccsid[] = "@(#)wc.c 8.1 (Berkeley) 6/6/93"; #include <sys/cdefs.h> __FBSDID("$FreeBSD$"); +#include <sys/capsicum.h> #include <sys/param.h> #include <sys/stat.h> +#include <capsicum_helpers.h> #include <ctype.h> #include <err.h> #include <errno.h> @@ -61,6 +63,10 @@ __FBSDID("$FreeBSD$"); #include <wctype.h> #include <libxo/xo.h> +#include <libcasper.h> +#include <casper/cap_fileargs.h> + +static fileargs_t *fa; static uintmax_t tlinect, twordct, tcharct, tlongline; static int doline, doword, dochar, domulti, dolongline; static volatile sig_atomic_t siginfo; @@ -90,6 +96,7 @@ int main(int argc, char *argv[]) { int ch, errors, total; + cap_rights_t rights; (void) setlocale(LC_CTYPE, ""); @@ -125,6 +132,26 @@ main(int argc, char *argv[]) (void)signal(SIGINFO, siginfo_handler); + fa = fileargs_init(argc, argv, O_RDONLY, 0, + cap_rights_init(&rights, CAP_READ, CAP_FSTAT)); + if (fa == NULL) { + xo_warn("Unable to init casper"); + exit(1); + } + + caph_cache_catpages(); + if (caph_limit_stdio() < 0) { + xo_warn("Unable to limit stdio"); + fileargs_free(fa); + exit(1); + } + + if (caph_enter() < 0) { + xo_warn("Unable to enter capability mode"); + fileargs_free(fa); + exit(1); + } + /* Wc's flags are on by default. */ if (doline + doword + dochar + domulti + dolongline == 0) doline = doword = dochar = 1; 
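Review bot: `caph_enter()` in the main() hunk at -125 is called unconditionally, while the Makefile hunk links Casper and defines `WITH_CASPER` only when `MK_CASPER` is not "no". In a build without Casper, `fileargs_open()` presumably falls back to a plain in-process open(2), which capability mode refuses, so every named file would fail to open once the sandbox is entered; this should be confirmed against the libcasper stub definitions. Either wrap the call in `#ifdef WITH_CASPER`, or, if this tree's capsicum_helpers.h provides it, use `if (caph_enter_casper() < 0) {`, which enters capability mode only when Casper is compiled in. main() begins and ends outside this hunk, so the position of the block relative to option parsing cannot be checked from here.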
@@ -158,6 +185,7 @@ main(int argc, char *argv[]) xo_close_container("total"); } + fileargs_free(fa); xo_close_container("wc"); xo_finish(); exit(errors == 0 ? 0 : 1); @@ -206,7 +234,7 @@ cnt(const char *file) linect = wordct = charct = llct = tmpll = 0; if (file == NULL) fd = STDIN_FILENO; - else if ((fd = open(file, O_RDONLY, 0)) < 0) { + else if ((fd = fileargs_open(fa, file)) < 0) { xo_warn("%s: open", file); return (1); } |
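Review bot: The descriptor returned by `fileargs_open(fa, file)` in cnt() is missing a comment recording that it carries only the rights granted in main(), namely `CAP_READ` and `CAP_FSTAT`. Without that, a later change to cnt() that seeks or maps the file will fail at run time with ENOTCAPABLE and nothing at the call site explains why. I would add above the call: `/* fd is limited to CAP_READ | CAP_FSTAT by fileargs_init() in main(). */`. It would also help to note there that only paths passed to `fileargs_init()` can be opened through `fa`. The rest of cnt() lies outside the hunk, so whether it already uses anything beyond read and fstat cannot be checked here.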