]> git.ipfire.org Git - thirdparty/nqptp.git/commit
projects / thirdparty / nqptp.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 4586bb0) | patch
Hoist control socket handling, restrict runtime on OpenBSD 31/head
authorKlemens Nanni <kn@openbsd.org>
Sat, 27 Jan 2024 05:44:35 +0000 (06:44 +0100)
committerKlemens Nanni <klemens@posteo.de>
Sat, 27 Jan 2024 07:45:36 +0000 (08:45 +0100)
commit6e5f6943f8d3bdd86ed190d34e4f7b1028a1b005
tree38d43529e5f57ddaa8a6a7da29105fff2f54f717tree
parent4586bb084a98e3b9f18d101fb91c72112a527323commit | diff
Hoist control socket handling, restrict runtime on OpenBSD

Use pledge(2) to prevent fork/exec, filesystem access and other
unused subsets of system calls, effectively leaving only shared
memory and networking capabilities at runtime.

(Those might be further reduced, but that warrants further analysis
 and most likely more code shuffling.)
nqptp.c diff | blob | blame | history
Mirror of https://github.com/mikebrady/nqptp.git