tUpdate unveil rules to fix upstart issue after new X session - surf - customized build of surf, the suckless webkit browser
(HTM) git clone git://src.adamsgaard.dk/surf
(DIR) Log
(DIR) Files
(DIR) Refs
(DIR) README
(DIR) LICENSE
---
(DIR) commit 90c835416e14473f0d3931df14f3e9ce6e24e829
(DIR) parent 92b7936f4746136a1f4c24774ecbcc3bfb4c1ba9
(HTM) Author: Anders Damsgaard <anders@adamsgaard.dk>
Date: Sun, 5 Jan 2020 08:33:56 +0100
Update unveil rules to fix upstart issue after new X session
Diffstat:
M surf.c | 12 +++++++++---
1 file changed, 9 insertions(+), 3 deletions(-)
---
(DIR) diff --git a/surf.c b/surf.c
t@@ -2043,19 +2043,25 @@ main(int argc, char *argv[])
if (unveil("/etc/aspell.conf", "r") == -1)
err(1, "unveil");
+ if (unveil("/etc/localtime", "r") == -1)
+ err(1, "unveil");
+
if (unveil("/etc/machine-id", "r") == -1)
err(1, "unveil");
if (unveil("/tmp", "rwc") == -1)
err(1, "unveil /tmp");
+ if (unveil("/proc", "rw") == -1)
+ err(1, "unveil");
+
if (unveil("/usr/libexec", "r") == -1)
err(1, "unveil");
- if (unveil("/usr/local/bin", "x") == -1)
+ if (unveil("/usr/local/bin", "rx") == -1)
err(1, "unveil");
- if (unveil("/usr/local/lib", "r") == -1)
+ if (unveil("/usr/local/lib", "rx") == -1)
err(1, "unveil");
if (unveil("/usr/local/libexec/webkit2gtk-4.0", "x") == -1)
t@@ -2076,7 +2082,7 @@ main(int argc, char *argv[])
if (unveil("/usr/X11R6/lib", "rx") == -1)
err(1, "unveil");
- if (unveil("/var/run", "r") == -1)
+ if (unveil("/var", "rw") == -1)
err(1, "unveil");
if (pledge("stdio rpath wpath cpath dpath tmppath fattr chown flock unix "