diff options
| author | Faraz Vahedi <kfv@kfv.io> | 2024-11-01 11:03:56 +0000 |
|---|---|---|
| committer | Mariusz Zaborski <oshogbo@FreeBSD.org> | 2026-03-01 17:03:13 +0000 |
| commit | 4a4c88533712f98a6b8fa04acb319f26aecccc3c (patch) | |
| tree | 025c4ad6d4a4f8586fc4282b0cf7c7d1794c4f18 | |
| parent | dde5113f470af34bf917ca2690d89c94dc8d6db0 (diff) | |
from(1): Capsicumise
Signed-off-by: Faraz Vahedi <kfv@kfv.io>
Reviewed by: imp, oshogbo, markj (previous version)
Pull Request: https://github.com/freebsd/freebsd-src/pull/1491
| -rw-r--r-- | usr.bin/from/from.c | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/usr.bin/from/from.c b/usr.bin/from/from.c index fb194dcc72d0..da9c6a7583ca 100644 --- a/usr.bin/from/from.c +++ b/usr.bin/from/from.c @@ -31,6 +31,7 @@ #include <sys/types.h> +#include <capsicum_helpers.h> #include <ctype.h> #include <err.h> #include <pwd.h> @@ -102,6 +103,9 @@ main(int argc, char **argv) else if ((mbox = fopen(file, "r")) == NULL) { errx(EXIT_FAILURE, "can't read %s", file); } + if (caph_limit_stdio() < 0 || caph_enter() < 0) { + err(EXIT_FAILURE, "capsicum"); + } for (newline = 1; fgets(buf, sizeof(buf), mbox);) { if (*buf == '\n') { newline = 1; |