1 /*
2  * Copyright (c) 2021 Omar Polo <op@omarpolo.com>
3  *
4  * Permission to use, copy, modify, and distribute this software for any
5  * purpose with or without fee is hereby granted, provided that the above
6  * copyright notice and this permission notice appear in all copies.
7  *
8  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
11  * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
13  * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
14  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
15  */
16 
17 #include "gmid.h"
18 #include "log.h"
19 
20 #if defined(__OpenBSD__)
21 
22 #include <unistd.h>
23 
24 void
25 sandbox_main_process(void)
26 {
27 	if (pledge("stdio rpath inet dns sendfd", NULL) == -1)
28 		fatal("pledge");
29 }
30 
31 void
32 sandbox_server_process(void)
33 {
34 	if (pledge("stdio rpath inet unix dns recvfd", NULL) == -1)
35 		fatal("pledge");
36 }
37 
38 void
39 sandbox_crypto_process(void)
40 {
41 	if (pledge("stdio recvfd", NULL) == -1)
42 		fatal("pledge");
43 }
44 
45 void
46 sandbox_logger_process(void)
47 {
48 	if (pledge("stdio recvfd", NULL) == -1)
49 		fatal("pledge");
50 }
51 
52 #else
53 
54 void
55 sandbox_main_process(void)
56 {
57 	return;
58 }
59 
60 void
61 sandbox_server_process(void)
62 {
63 	return;
64 }
65 
66 void
67 sandbox_crypto_process(void)
68 {
69 	return;
70 }
71 
72 void
73 sandbox_logger_process(void)
74 {
75 	return;
76 }
77 
78 #endif