Commit Diff
Commit:
d3d07147e45c1d13f2879130149ab354574e0f32
Date:
Tue Aug 30 10:25:46 2022
UTC
Message:
specify why it's not using tmppath pledge promise
in theory `mexp' could use the tmppath pledge promise and drop
unveil("/tmp/", "rwc") BUT File::Temp checks whether /tmp exists.
Another option would be to unveil("/tmp", "r") and use tmppath, but that
could seem misleading.
(noticed after semarie@ reminded me of `tmppath')
--- mexp
+++ mexp
@@ -22,10 +22,12 @@ unveil("/tmp", "rwc") or die "unveil /tmp: $!";
unveil("/usr/local/bin/mshow", "rx") or die "unveil mshow: $!";
unveil($outdir, "rwc") or die "unveil $outdir: $!";
+
+# can't use tmppath because File::Temp checks whether /tmp exists.
unveil("/tmp", "rwc") or die "unveil /tmp: $!";
unveil(".", "r") or die "unveil .: $!";
-# fattr because of File::Temp somehow.
+# fattr for File::Temp
pledge("stdio rpath wpath cpath proc exec fattr") or die "pledge: $!";
my $tid;
Omar Polo