the following patch brings support for OpenBSD's unveil(2) mechanism for
ii.
diff --git a/ii.c b/ii.c
index 6c87314..76be002 100644
--- a/ii.c
+++ b/ii.c
@@ -827,7 +827,19 @@ main(int argc, char *argv[])
else
ircfd = tcpopen(host, service);
+ r = snprintf(ircpath, sizeof(ircpath), "%s/%s", prefix, host);
+ if (r < 0 || (size_t)r >= sizeof(ircpath)) {
+ fprintf(stderr, "%s: path to irc directory too long\n", argv0);
+ exit(1);
+ }
+ create_dirtree(ircpath);
+
#ifdef __OpenBSD__
+ /* OpenBSD unveil(2) support */
+ if (unveil(ircpath, "rwc") == -1) {
+ fprintf(stderr, "%s: unveil: %s\n", argv0, strerror(errno));
+ exit(1);
+ }
/* OpenBSD pledge(2) support */
if (pledge("stdio rpath wpath cpath dpath", NULL) == -1) {
fprintf(stderr, "%s: pledge: %s\n", argv0, strerror(errno));
@@ -835,13 +847,6 @@ main(int argc, char *argv[])
}
#endif
- r = snprintf(ircpath, sizeof(ircpath), "%s/%s", prefix, host);
- if (r < 0 || (size_t)r >= sizeof(ircpath)) {
- fprintf(stderr, "%s: path to irc directory too long\n", argv0);
- exit(1);
- }
- create_dirtree(ircpath);
-
channelmaster = channel_add(""); /* master channel */
if (key)
loginkey(ircfd, key);
