tame signify

Thu, 08 Oct 2015 08:13:54 -0700 

Without mucking about in the internals, here are some toplevel tame calls.


Index: signify.c
===================================================================
RCS file: /cvs/src/usr.bin/signify/signify.c,v
retrieving revision 1.100
diff -u -p -r1.100 signify.c
--- signify.c   16 Jan 2015 06:16:12 -0000      1.100
+++ signify.c   8 Oct 2015 15:11:05 -0000
@@ -663,6 +663,7 @@ main(int argc, char **argv)
                VERIFY
        } verb = NONE;
 
+       tame("stdio rpath wpath cpath tty", NULL);
 
        rounds = 42;
 
@@ -721,6 +722,25 @@ main(int argc, char **argv)
        }
        argc -= optind;
        argv += optind;
+
+       switch (verb) {
+       case GENERATE:
+       case SIGN:
+               /* keep it all */
+               break;
+       case CHECK:
+               tame("stdio rpath", NULL);
+               break;
+       case VERIFY:
+               if (embedded)
+                       tame("stdio rpath wpath cpath", NULL);
+               else
+                       tame("stdio rpath", NULL);
+               break;
+       default:
+               tame("stdio", NULL);
+               break;
+       }
 
 #ifndef VERIFYONLY
        if (verb == CHECK) {

Reply via email to