From a1bcdc225e1c9b890214fcea3d19d85226fc552a Mon Sep 17 00:00:00 2001 From: Aaron Bieber <aaron@bolddaemon.com> Date: Sat, 18 Jan 2020 22:13:32 -0700 Subject: [PATCH] Add pledge(2) support (OpenBSD only) via a 'protector' package. (#1297) --- main.go | 6 +++++- src/protector/protector.go | 8 ++++++++ src/protector/protector_openbsd.go | 10 ++++++++++ 3 files changed, 23 insertions(+), 1 deletion(-) create mode 100644 src/protector/protector.go create mode 100644 src/protector/protector_openbsd.go diff --git a/main.go b/main.go index 3b59244..f444f8b 100644 --- a/main.go +++ b/main.go @@ -1,9 +1,13 @@ package main -import "github.com/junegunn/fzf/src" +import ( + "github.com/junegunn/fzf/src" + "github.com/junegunn/fzf/src/protector" +) var revision string func main() { + protector.Protect() fzf.Run(fzf.ParseOptions(), revision) } diff --git a/src/protector/protector.go b/src/protector/protector.go new file mode 100644 index 0000000..2739c01 --- /dev/null +++ b/src/protector/protector.go @@ -0,0 +1,8 @@ +// +build !openbsd + +package protector + +// Protect calls OS specific protections like pledge on OpenBSD +func Protect() { + return +} diff --git a/src/protector/protector_openbsd.go b/src/protector/protector_openbsd.go new file mode 100644 index 0000000..84a5ded --- /dev/null +++ b/src/protector/protector_openbsd.go @@ -0,0 +1,10 @@ +// +build openbsd + +package protector + +import "golang.org/x/sys/unix" + +// Protect calls OS specific protections like pledge on OpenBSD +func Protect() { + unix.PledgePromises("stdio rpath tty proc exec") +}