CVSROOT: /cvs
Module name: src
Changes by: [email protected] 2015/10/02 22:19:14
Modified files:
usr.bin/compress: main.c
Log message:
gzip can use tame "stdio wpath cpath fattr". this blocks a lot of
system behaviours such as forking, execve, sockets, etc.
in theory this extended by parsing the arguments first, and creating
the whitepathlist. the pathlist probably needs to be directory-oriented,
rather than exact path of files, because a gzip file may specify the
filename it wants (and that won't be available until it is opened, and
partially parsed). anyone want to give this a try?
gzip was an early goal for capsicum. who is running a capsicum gzip?
