On Friday, May 29, 2020, Stuart Henderson <s...@spacehopper.org> wrote:
> On 2020/05/29 08:30, Luke Small wrote:
> > You mention a lot of files that need to be read, but a program like
> pkg_add can make it the
> > _pkgfetch (57) user which has no directory and I’m guessing not in
> interactive mode. At the
> > very least, in noninteractive mode you could unveil(“/“, “rx”); and
> change the specified output
> > file discover the name of the file that is to be downloaded and unveil
> it as “cw” !
> > --
> > -Luke
>
> What problem are you trying to solve?
>
> If you are concerned about writes, use "ftp -o - $URL > somefile", it will
> run without cpath/wpath, which is functionally similar to unveil("/", "rx")
> (a bit stronger, because a program trying to write will be killed, rather
> than just having a file access error).
>
> pkg_add(1) already uses "ftp -o -":
>
> # ktrace -di pkg_add -u moo
> quirks-3.339 signed on 2020-05-27T20:05:28Z
>
> # kdump | grep promise=
> 61644 ftp STRU promise="stdio rpath dns tty inet proc exec fattr"
> 41938 signify STRU promise="stdio rpath wpath cpath tty"
> 41938 signify STRU promise="stdio rpath"
> 24897 ftp STRU promise="stdio rpath dns tty inet proc exec fattr"
> 54324 signify STRU promise="stdio rpath wpath cpath tty"
> 54324 signify STRU promise="stdio rpath"
> 9188 ftp STRU promise="stdio rpath dns tty inet proc exec fattr"
If you need a diff written, I’m sure a developer would be willing in return
for a donation.
