Capsicumize ping6
Add capsicum support to ping6, mostly copying the strategy used for ping.
Submitted by: Ján Sučan <jansucan@gmail.com>
Sponsored by: Google, inc. (Google Summer of Code 2019)
Differential D21050
Capsicumize ping6 asomers on Jul 24 2019, 4:09 AM. Authored by Tags None Referenced Files
Details
Capsicumize ping6 Add capsicum support to ping6, mostly copying the strategy used for ping. Submitted by: Ján Sučan <jansucan@gmail.com>
Diff Detail
Event TimelineComment Actions Nice. This mostly looks good to me. There are some seemingly unrelated changes: we drop privileges earlier, we set SO_DEBUG on both sockets, some whitespace changes. I would suggest having those be separate commits.
Comment Actions I will implement dropping privileges earlier in a separate commit. Comment Actions Thanks.
I had misunderstood how srecv is used, please ignore my comment about that.
I pointed out two. I thought I saw more when I took a first pass through the diff, but I can't find them.
Comment Actions Define two separate cap_rights_t sets, one for each socket, and use cap_rights_clear() to remove CAP_SETSOCKOPT before further limiting rights on those sockets. Wrap a long line to 80 columns. Do not change whitespaces. Comment Actions In general path looks good to me.
|