ping
On Sun, 14 Jul 2019, Markus Hennecke wrote:
> When using an external program to provide the jabber password we need to
> allow proc and exec the same way like we do when using an external program
> for event handling. Tested with a gpg encrypted password file.
>
> Ok?
>
>
>
> Index: patches/patch-mcabber_main_c
> ===================================================================
> RCS file: /cvs/ports/net/mcabber/patches/patch-mcabber_main_c,v
> retrieving revision 1.2
> diff -u -p -r1.2 patch-mcabber_main_c
> --- patches/patch-mcabber_main_c 26 May 2017 10:34:53 -0000 1.2
> +++ patches/patch-mcabber_main_c 1 Feb 2019 18:02:56 -0000
> @@ -6,7 +6,7 @@ Index: mcabber/main.c
> if (ret == -2)
> exit(EXIT_FAILURE);
>
> -+ if (settings_opt_get("events_command")) {
> ++ if (settings_opt_get("events_command") || settings_opt_get("password_eval")) {
> + if (pledge("stdio rpath wpath cpath fattr inet dns tty proc exec", NULL) ==
> + -1) {
> + fprintf(stderr, "Cannot pledge: %s\n", strerror(errno));
>
No comments:
Post a Comment