diff options
| author | Roy Marples <roy@marples.name> | 2020-06-10 08:30:28 +0100 |
|---|---|---|
| committer | Roy Marples <roy@marples.name> | 2020-06-10 08:30:28 +0100 |
| commit | 8fdd34b858450503daf96409458fb48834d56163 (patch) | |
| tree | 1089c5ccf4d790fd09e7c3d294fa921e9ab8eadf /src/privsep.c | |
| parent | fe3409e0903d6b38be52ee99c1f47bc6e278d2b6 (diff) | |
| download | dhcpcd-8fdd34b858450503daf96409458fb48834d56163.tar.xz | |
privsep: RLIMIT_FSIZE works fine on pledge and capsicum
If you don't use the dhcpcd logfile option.
Duh.
Diffstat (limited to 'src/privsep.c')
| -rw-r--r-- | src/privsep.c | 9 |
1 files changed, 2 insertions, 7 deletions
diff --git a/src/privsep.c b/src/privsep.c index ec8e4cc1..b2f3b309 100644 --- a/src/privsep.c +++ b/src/privsep.c @@ -163,19 +163,14 @@ ps_dropprivs(struct dhcpcd_ctx *ctx) #endif } -#if !defined(HAVE_CAPSICUM) && !defined(HAVE_PLEDGE) - /* - * Prohibit large files - * Cannot offload this to the privilged actioneer because - * only the master process has access to it. - */ + /* Prohibit writing to files. + * Obviously this won't work if we are using a logfile. */ if (ctx->logfile == NULL) { if (setrlimit(RLIMIT_FSIZE, &rzero) == -1) { logerr("setrlimit RLIMIT_FSIZE"); return -1; } } -#endif #ifdef RLIMIT_NPROC /* Prohibit forks */ |