authorGiovanni Bechis <giovanni@paclan.it>2017-08-30 17:59:55 +0200
committerdormando <dormando@rydia.net>2017-11-04 13:07:28 -0700
commit105064c8a6ab98177a73355b72b489e69a2f98e8 (patch)
treef80bfda6484a5bacc1c36dbc7ca94f3843658a5c /openbsd_priv.c
parent7f4e0246e5c27baa9a7a690e5905f5ee56b80ece (diff)
Rework pledge support after seccomp support has been added
Diffstat (limited to 'openbsd_priv.c')
-rw-r--r--openbsd_priv.c28
1 files changed, 28 insertions, 0 deletions
diff --git a/openbsd_priv.c b/openbsd_priv.c
new file mode 100644
index 0000000..1e26ece
--- /dev/null
+++ b/openbsd_priv.c
@@ -0,0 +1,28 @@
+#include <errno.h>
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+#include <unistd.h>
+#include "memcached.h"
+
+/*
+ * this section of code will drop all (OpenBSD) privileges including
+ * those normally granted to all userland process (basic privileges). The
+ * effect of this is that after running this code, the process will not able
+ * to fork(), exec(), etc. See pledge(2) for more information.
+ */
+void drop_privileges() {
+ extern char *__progname;
+
+ if (settings.socketpath != NULL) {
+ if (pledge("stdio unix", NULL) == -1) {
+ fprintf(stderr, "%s: pledge: %s\n", __progname, strerror(errno));
+ exit(EXIT_FAILURE);
+ }
+ } else {
+ if (pledge("stdio inet", NULL) == -1) {
+ fprintf(stderr, "%s: pledge: %s\n", __progname, strerror(errno));
+ exit(EXIT_FAILURE);
+ }
+ }
+}
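Review bot: The header comment above drop_privileges() overstates what the two pledge() calls do: it says all privileges are dropped, but the promises `"stdio inet"` and `"stdio unix"` deliberately keep stdio plus socket operations for the chosen transport, and the "basic privileges" wording looks carried over from another platform's privilege code (inferred, not visible here). I would reword it along the lines of `/* Restrict the process with pledge(2) to "stdio" plus "unix" or "inet" sockets, depending on settings.socketpath; anything outside those promises (fork, exec, opening files) is no longer permitted. */`. Because a later operation outside the promises terminates the process, the comment should also state that this function must run only after start-up work such as binding sockets and pid-file handling is complete; the call site is outside this hunk, so that ordering cannot be confirmed from here. The two branches differ only in the promise string and could share a single pledge() call and error path, e.g. `const char *promises = settings.socketpath != NULL ? "stdio unix" : "stdio inet";`.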