]> git.ipfire.org Git - thirdparty/dhcpcd.git/commit
projects / thirdparty / dhcpcd.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: ff68317) | patch
privsep: Limit rights generically rather than Capsicum specifc
authorRoy Marples <roy@marples.name>
Fri, 5 Jun 2020 19:24:21 +0000 (20:24 +0100)
committerRoy Marples <roy@marples.name>
Fri, 5 Jun 2020 19:24:21 +0000 (20:24 +0100)
commit7ef3d6a703f5c3b1fa537ae324f7d79f085f31f9
tree096d27b660b63c09ff2d66c183ab3a21b1fbea6ftree | snapshot
parentff6831723b04b617f73e88cf84387f46eea1faf5commit | diff
privsep: Limit rights generically rather than Capsicum specifc

You never know when another sandbox tech comes around.
While here, add limits for every socket in the unpriviledged
processes. Some were absent before.

Also, note that RLIMIT_NOFILE breaks our control socket so
temporary disable that.
src/control.c diff | blob | blame | history
src/dhcpcd.c diff | blob | blame | history
src/if-bsd.c diff | blob | blame | history
src/if.c diff | blob | blame | history
src/privsep-inet.c diff | blob | blame | history
src/privsep-root.c diff | blob | blame | history
src/privsep.c diff | blob | blame | history
src/privsep.h diff | blob | blame | history
Mirror of https://github.com/NetworkConfiguration/dhcpcd.git