Author: cem Date: Mon Sep 19 16:14:38 2016 New Revision: 305982 URL: https://svnweb.freebsd.org/changeset/base/305982
Log: tr(1): Capsicumify This is a straightforward single input, single output program for capsicum. Reviewed by: bapt Sponsored by: Dell EMC Isilon Differential Revision: https://reviews.freebsd.org/D7928 Modified: head/usr.bin/tr/tr.c Modified: head/usr.bin/tr/tr.c ============================================================================== --- head/usr.bin/tr/tr.c Mon Sep 19 16:13:00 2016 (r305981) +++ head/usr.bin/tr/tr.c Mon Sep 19 16:14:38 2016 (r305982) @@ -41,16 +41,19 @@ static const char copyright[] = static const char sccsid[] = "@(#)tr.c 8.2 (Berkeley) 5/4/95"; #endif +#include <sys/capsicum.h> #include <sys/types.h> #include <ctype.h> #include <err.h> +#include <errno.h> #include <limits.h> #include <locale.h> #include <stdint.h> #include <stdio.h> #include <stdlib.h> #include <string.h> +#include <termios.h> #include <unistd.h> #include <wchar.h> #include <wctype.h> @@ -69,6 +72,8 @@ int main(int argc, char **argv) { static int carray[NCHARS_SB]; + cap_rights_t rights; + unsigned long cmd; struct cmap *map; struct cset *delete, *squeeze; int n, *p; @@ -77,6 +82,27 @@ main(int argc, char **argv) (void)setlocale(LC_ALL, ""); + cap_rights_init(&rights, CAP_FSTAT, CAP_IOCTL, CAP_READ); + if (cap_rights_limit(STDIN_FILENO, &rights) < 0 && errno != ENOSYS) + err(1, "unable to limit rights for stdin"); + cap_rights_init(&rights, CAP_FSTAT, CAP_IOCTL, CAP_WRITE); + if (cap_rights_limit(STDOUT_FILENO, &rights) < 0 && errno != ENOSYS) + err(1, "unable to limit rights for stdout"); + if (cap_rights_limit(STDERR_FILENO, &rights) < 0 && errno != ENOSYS) + err(1, "unable to limit rights for stderr"); + + /* Required for isatty(3). */ + cmd = TIOCGETA; + if (cap_ioctls_limit(STDIN_FILENO, &cmd, 1) < 0 && errno != ENOSYS) + err(1, "unable to limit ioctls for stdin"); + if (cap_ioctls_limit(STDOUT_FILENO, &cmd, 1) < 0 && errno != ENOSYS) + err(1, "unable to limit ioctls for stdout"); + if (cap_ioctls_limit(STDERR_FILENO, &cmd, 1) < 0 && errno != ENOSYS) + err(1, "unable to limit ioctls for stderr"); + + if (cap_enter() < 0 && errno != ENOSYS) + err(1, "unable to enter capability mode"); + Cflag = cflag = dflag = sflag = 0; while ((ch = getopt(argc, argv, "Ccdsu")) != -1) switch((char)ch) { _______________________________________________ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
