Page MenuHomeFreeBSD
Files F148182592

D25905.id75227.diff
No OneTemporary
Actions

D25905.id75227.diff
View Options

Index: sbin/fsck_msdosfs/Makefile
===================================================================
--- sbin/fsck_msdosfs/Makefile
+++ sbin/fsck_msdosfs/Makefile
@@ -9,7 +9,7 @@
MAN= fsck_msdosfs.8
SRCS= main.c check.c boot.c fat.c dir.c fsutil.c
-CFLAGS+= -I${FSCK} -DHAVE_LIBUTIL_H
+CFLAGS+= -I${FSCK} -DHAVE_LIBUTIL_H -DHAVE_CAPSICUM
LIBADD= util
.include <bsd.prog.mk>
Index: sbin/fsck_msdosfs/check.c
===================================================================
--- sbin/fsck_msdosfs/check.c
+++ sbin/fsck_msdosfs/check.c
@@ -33,6 +33,9 @@
"$FreeBSD$";
#endif /* not lint */
+#ifdef HAVE_CAPSICUM
+#include<capsicum_helpers.h>
+#endif
#ifdef HAVE_LIBUTIL_H
#include <libutil.h>
#endif
@@ -62,6 +65,20 @@
printf("** %s", fname);
dosfs = open(fname, rdonly ? O_RDONLY : O_RDWR, 0);
+
+#ifdef HAVE_CAPSICUM
+ /*
+ * Here we enter capability mode. Further down access to global
+ * namespaces (e.g filesystem) is restricted (see capsicum(4)).
+ * We must connect(2) our socket before this point.
+ */
+
+ if (caph_enter() < 0) {
+ fprintf(stderr, "caph_enter_casper: %s\n", strerror(errno));
+ exit(1);
+ }
+#endif
+
if (dosfs < 0 && !rdonly) {
dosfs = open(fname, O_RDONLY, 0);
if (dosfs >= 0)

File Metadata

Mime Type
text/plain
Expires
Tue, Mar 17, 8:03 AM (8 h, 45 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
29817113
Default Alt Text
D25905.id75227.diff (1 KB)

Event Timeline