commit - d29a2ee2246e1b1b0c5222a823820e42422c894e
commit + 1ab7c96bb305e818b5dfa3b525d5ff635ad12a0a
blob - c3ba0491522221278f4796f3d2a1c51c2827f002
blob + f9056f0b96c7b44619d014132a40a2946c1b86f7
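--- a/gmid.h
+++ b/gmid.h
 /* sandbox.c */
 void sandbox_server_process(void);
-void sandbox_executor_process(void);
 void sandbox_logger_process(void);
 /* utf8.c */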
blob - 45f175d8ee59374625f1428eb8d301f466505673
blob + 78fc079906d679e45ce03e8477bd58614288e2f3
--- sandbox.c
+++ sandbox.c
}
void
-sandbox_executor_process(void)
-{
- log_notice(NULL, "Sandbox disabled! "
- "Please report issues upstream instead of disabling the sandbox.");
-}
-
-void
sandbox_logger_process(void)
{
return;
}
void
-sandbox_executor_process(void)
-{
- /*
- * We cannot capsicum the executor process because it needs to
- * fork(2)+execve(2) cgi scripts
- */
- return;
-}
-
-void
sandbox_logger_process(void)
{
if (cap_enter() == -1)
if (prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &prog) == -1)
fatal("%s: prctl(PR_SET_SECCOMP): %s\n",
__func__, strerror(errno));
-}
-
-void
-sandbox_executor_process(void)
-{
- /*
- * We cannot use seccomp for the executor process because we
- * don't know what the child will do. Also, our filter will
- * be inherited so the child cannot set its own seccomp
- * policy.
- */
- return;
}
void
}
void
-sandbox_executor_process(void)
-{
- struct vhost *h;
- struct location *l;
- struct fcgi *f;
- size_t i;
-
- TAILQ_FOREACH(h, &hosts, vhosts) {
- TAILQ_FOREACH(l, &h->locations, locations) {
- if (l->dir == NULL)
- continue;
-
- /* r so we can chdir into the directory */
- if (unveil(l->dir, "rx") == -1)
- fatal("unveil %s for domain %s",
- l->dir, h->domain);
- }
- }
-
- for (i = 0; i < FCGI_MAX; i++) {
- f = &fcgi[i];
- if (f->path != NULL) {
- if (unveil(f->path, "rw") == -1)
- fatal("unveil %s", f->path);
- }
-
- if (f->prog != NULL) {
- if (unveil(f->prog, "rx") == -1)
- fatal("unveil %s", f->prog);
- }
- }
-
- /*
- * rpath: to chdir into the correct directory
- * proc exec: CGI
- * dns inet unix: FastCGI
- */
- if (pledge("stdio rpath sendfd proc exec dns inet unix", NULL))
- err(1, "pledge");
-}
-
-void
sandbox_logger_process(void)
{
if (pledge("stdio recvfd", NULL) == -1)
}
void
-sandbox_executor_process(void)
-{
- log_notice(NULL, "no sandbox method known for this OS");
-}
-
-void
sandbox_logger_process(void)
{
return;