45 lines
1.2 KiB
Go
45 lines
1.2 KiB
Go
//+build openbsd
|
|
|
|
/*
|
|
Package protect is a wrapper for OpenBSD's pledge(2) and unveil(2) system
|
|
calls.
|
|
|
|
This library is trivial, but I found myself writing it often enough that I
|
|
figure it should be a package.
|
|
*/
|
|
|
|
package protect
|
|
|
|
import (
|
|
"golang.org/x/sys/unix"
|
|
)
|
|
|
|
// Unveil is a wrapper for OpenBSD's unveil(2). unveil can be used to limit
|
|
// a processes view of the filesystem.
|
|
//
|
|
// The first call to Unveil removes a processes visibility to everything
|
|
// except 'path'. Any subsequent calls expand the view to contain those
|
|
// paths. Finally a call to UnveilBlock will lock the view in place.
|
|
// Preventing access to anything else.
|
|
//
|
|
// On non-OpenBSD machines this call is a noop.
|
|
func Unveil(path string, flags string) {
|
|
unix.Unveil(path, flags)
|
|
}
|
|
|
|
// UnveilBlock locks the Unveil'd paths. Preventing further changes to a
|
|
// processes filesystem view.
|
|
//
|
|
// On non-OpenBSD machines this call is a noop.
|
|
func UnveilBlock() {
|
|
unix.UnveilBlock()
|
|
}
|
|
|
|
// Pledge wraps OpenBSD's pledge(2) system call. One can use this to limit
|
|
// the system calls a process can make.
|
|
//
|
|
// On non-OpenBSD machines this call is a noop.
|
|
func Pledge(promises string) {
|
|
unix.PledgePromises(promises)
|
|
}
|