florian/tlakh
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

This is C code, makes formatting nicer.

Browse Source
This commit is contained in:
Florian Obser 2023-02-19 09:56:58 +01:00
parent 802d39c296
commit 76dedab468
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
privsep.org
View File

@ -450,7 +450,7 @@ pledge what the process needs to run. The /engine/ process pledges
We then set-up the [[https://github.com/openbsd/src/blob/3c46ceeaef274bbef234dac63245c4b6567168d7/sbin/dhcpleased/frontend.c#L180][communication channel]] to the /parent/ (also known We then set-up the [[https://github.com/openbsd/src/blob/3c46ceeaef274bbef234dac63245c4b6567168d7/sbin/dhcpleased/frontend.c#L180][communication channel]] to the /parent/ (also known
as the /main/) process: as the /main/) process:
#+begin_src #+begin_src C
imsg_init(&iev_main->ibuf, 3); imsg_init(&iev_main->ibuf, 3);
iev_main->handler = frontend_dispatch_main; iev_main->handler = frontend_dispatch_main;
#+end_src #+end_src
@ -522,7 +522,7 @@ proposition.
But not all is lost. We can restrict the amount of havoc an attacker But not all is lost. We can restrict the amount of havoc an attacker
can cause if they ever get all the way to the /parent/ process using can cause if they ever get all the way to the /parent/ process using
[[https://man.openbsd.org/unveil.2][unveil(2)]]: [[https://man.openbsd.org/unveil.2][unveil(2)]]:
#+begin_src #+begin_src C
if (unveil(conffile, "r") == -1) if (unveil(conffile, "r") == -1)
fatal("unveil %s", conffile); fatal("unveil %s", conffile);
if (unveil("/dev/bpf", "rw") == -1) if (unveil("/dev/bpf", "rw") == -1)