I will accept check-ins to a branch that invoke the fossil_pledge(X,Y) utility function. The fossil_pledge(X,Y) function is a macro that evaluates to a no-op except when compiled with -DFOSSIL_HAVE_PLEDGE. If the FOSSIL_HAVE_PLEDGE macro is defined, then a routine is called when invokes pledge() and errors out if there is a problem.
See check-in https://www.fossil-scm.org/fossil/info/7b81a9993b4c8192 I was unable to fully test the patch above because the only OpenBSD system I have access to is a login on devio.us and that machine is running OpenBSD 5.8 and pledge() is only available in 5.9 and later. Please note that you will need to submit a Contributors License Agreement (https://www.fossil-scm.org/fossil/doc/trunk/www/copyright-release.pdf) in order to be able to commit to Fossil. See https://www.fossil-scm.org/fossil/doc/trunk/www/contribute.wiki for additional information. Also note that the patch to submit_cmd() shown below is incorrect. It adds code before variable declarations, which is legal in newer versions of C (I forget exactly when that feature was added) but Fossil needs to be able to build on systems with older C compilers that require all variable declarations to occur before any code within the block. On 1/15/18, Christian Stærk <x...@borderworlds.dk> wrote: > On 01/14/18 18:06, Richard Hipp wrote: > >> On 1/14/18, Christian Stærk <x...@borderworlds.dk> wrote: >>> What do you think? Is this desirable? >>> >> I'm certainly willing to consider it, but I want to see some examples >> before committed to this path. > As for pledge, it is a fairly simple interface. Online man page is here: > https://man.openbsd.org/pledge.2 > > I wrote a small wrapper for fossil as a sort of proof of concept and to > get a better feel for the pledge interface: > https://borderworlds.dk/~xi/fossil-wrapper.c.txt > > I tried to add a pledge-call for the status_cmd() function: > https://borderworlds.dk/~xi/fossil-pledge.diff.txt > > As the code is, it looks like the entire range of syscalls initially > allowed are neccesary all the way through the function. :-/ > > Best regards > Christian > _______________________________________________ > fossil-dev mailing list > fossil-dev@mailinglists.sqlite.org > http://mailinglists.sqlite.org/cgi-bin/mailman/listinfo/fossil-dev > -- D. Richard Hipp d...@sqlite.org _______________________________________________ fossil-dev mailing list fossil-dev@mailinglists.sqlite.org http://mailinglists.sqlite.org/cgi-bin/mailman/listinfo/fossil-dev
