Hi,
disclaimer: fortunately people are using ucc(4) instead of usbhidaction(1), the
devices I have cannot be tested properly with this diff so please bear with me.
this is similar to the diff I sent for usbhidctl(1), the exception is that you
can run this as a daemon and `conf' can be re-read on SIGHUP so it needs to be
unveil(2)ed as read-only.
comments? ok?
Index: usbhidaction.c
===================================================================
RCS file: /cvs/src/usr.bin/usbhidaction/usbhidaction.c,v
retrieving revision 1.23
diff -u -p -u -r1.23 usbhidaction.c
--- usbhidaction.c 28 Jun 2019 13:35:05 -0000 1.23
+++ usbhidaction.c 12 Dec 2021 01:19:05 -0000
@@ -164,6 +164,9 @@ main(int argc, char **argv)
isdemon = 1;
}
+ if (unveil(conf, "r") == -1)
+ err(1, "unveil ");
+
for(;;) {
n = read(fd, buf, sz);
if (verbose > 2) {
