D11131.id29417.diff
No OneTemporary
Actions

Size

1 KB

Referenced Files

None

Subscribers

None

D11131.id29417.diff
View Options

	Index: usr.bin/uuencode/uuencode.c
	===================================================================
	--- usr.bin/uuencode/uuencode.c
	+++ usr.bin/uuencode/uuencode.c
	@@ -46,13 +46,16 @@
	*
	* Encode a file so it can be mailed to a remote system.
	*/
	+#include <sys/capsicum.h>
	#include <sys/param.h>
	#include <sys/socket.h>
	#include <sys/stat.h>

	#include <netinet/in.h>

	+#include <capsicum_helpers.h>
	#include <err.h>
	+#include <errno.h>
	#include <libgen.h>
	#include <resolv.h>
	#include <stdio.h>
	@@ -125,8 +128,23 @@
	output = fopen(outfile, "w+");
	if (output == NULL)
	err(1, "unable to open %s for output", outfile);
	+
	+ cap_rights_t out_rights;
	+ cap_rights_init(&out_rights, CAP_FSTAT \| CAP_WRITE \| CAP_SEEK );
	+ if (cap_rights_limit( output->_file, &out_rights ))
	+ err(1, "unable to limit rights for %s", outfile);
	} else
	output = stdout;
	+
	+
	+ if (caph_limit_stdio() != 0)
	+ errx(1, "Failed to limit std{in,out,err}");
	+
	+
	+
	+ if (cap_enter() < 0 && errno != ENOSYS)
	+ err(1, "unable to enter capability mode");
	+
	if (base64)
	base64_encode();
	else