Commit Diff

Commit:
3c7ed8d83ed06a3b7f30ceb6ba692e515f91e980
From:
Omar Polo <op@omarpolo.com>
Date:
Message:
sandbox: temporarly disable unveil(2) on OpenBSD I'd like to use execlp() in the near future, which means that unveil needs to be disabled. It's already virtually disabled, since we can shell out to execute stuff, so it's not a great loss. This will be improved in the future once the "core" process will be split off the UI.
Actions:
Patch | Tree
commit - 0fceedb5fedbf154222ba2e675ee20bd5651008f
commit + 3c7ed8d83ed06a3b7f30ceb6ba692e515f91e980
blob - 93d2b08be50bfeaa5e4a9a49c0c0cddb022d752f
blob + 629f87dee1f5e83d4b8de5239252a20d95b6a129
--- sandbox.c
+++ sandbox.c
@@ -39,6 +39,7 @@ sandbox_net_process(void)
 void
 sandbox_ui_process(void)
 {
+#if notyet
 	char path[PATH_MAX];
 
 	if (unveil("/tmp", "rwc") == -1)
@@ -60,6 +61,7 @@ sandbox_ui_process(void)
 
 	if (unveil("/bin/sh", "rx") == -1)
 		err(1, "unveil(xdg-open)");
+#endif
 
 	if (pledge("stdio rpath wpath cpath unix tty proc exec",
 	    NULL) == -1)