On Mon, Jan 15, 2018 at 11:27 AM, Richard Hipp <d...@sqlite.org> wrote:
I will accept check-ins to a branch that invoke the fossil_pledge(X,Y) > utility function. The fossil_pledge(X,Y) function is a macro that > evaluates to a no-op except when compiled with -DFOSSIL_HAVE_PLEDGE. > If the FOSSIL_HAVE_PLEDGE macro is defined, then a routine is called > when invokes pledge() and errors out if there is a problem. > > See check-in https://www.fossil-scm.org/fossil/info/7b81a9993b4c8192 One question: Given that previously in this discussion thread mention was made of other mechanisms which provide similar capabilities for other operating systems as pledge does for OpenBSD, e.g. seccomp for Linux and capsicum for FreeBSD, would it make some sense to try to abstract this sort of thing as much as is reasonable and possible to do such that one FOSSIL_HAVE_(Something) macro will enable this sort of functionality for any operating system which can provide this sort of capability, at least which Fossil has been configured to make use of? Instead of having to have separate FOSSIL_HAVE_PLEDGE, FOSSIL_HAVE_SECCOMP, FOSSIL_HAVE_CAPSICUM, etc macros and related code scattered throughout the code base? I realize this is early days for all this stuff, and perfection is the enemy of good enough, etc, but I just wanted to raise the point for consideration before tons of work is done throughout the code base to enable this for one operating system, only to find later that it needed to be drastically reworked or torn out altogether to provide for enabling it on a second or third operating system. Thanks for your time. Joseph <https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail&utm_term=icon> Virus-free. www.avast.com <https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail&utm_term=link> <#DAB4FAD8-2DD7-40BB-A1B8-4E2AA1F9FDF2> _______________________________________________ fossil-dev mailing list fossil-dev@mailinglists.sqlite.org http://mailinglists.sqlite.org/cgi-bin/mailman/listinfo/fossil-dev
