Mercurial > hg > dhcpcd

changeset 5344:3df49497d40b draft

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
privsep: RLIMIT_FSIZE works fine on pledge and capsicum If you don't use the dhcpcd logfile option. Duh.
author Roy Marples <roy@marples.name>
date Wed, 10 Jun 2020 08:30:28 +0100
parents 8b216a105409
children f6051f78e441
files src/privsep.c
diffstat 1 files changed, 2 insertions(+), 7 deletions(-) [+]
line wrap: on
line diff
--- a/src/privsep.c	Wed Jun 10 07:34:18 2020 +0100
+++ b/src/privsep.c	Wed Jun 10 08:30:28 2020 +0100
@@ -163,19 +163,14 @@
 #endif
 	}
 
-#if !defined(HAVE_CAPSICUM) && !defined(HAVE_PLEDGE)
-	/*
-	 * Prohibit large files
-	 * Cannot offload this to the privilged actioneer because
-	 * only the master process has access to it.
-	 */
+	/* Prohibit writing to files.
+	 * Obviously this won't work if we are using a logfile. */
 	if (ctx->logfile == NULL) {
 		if (setrlimit(RLIMIT_FSIZE, &rzero) == -1) {
 			logerr("setrlimit RLIMIT_FSIZE");
 			return -1;
 		}
 	}
-#endif
 
 #ifdef RLIMIT_NPROC
 	/* Prohibit forks */