Permalink
Browse files

Add Capsicum support, tested by and initial diff from Loganaden Velvi…

…ndron.
  • Loading branch information...
1 parent 56487a7 commit fb01af6b7946194e5a7f85e73d4208778266317e @brynet committed May 11, 2015
Showing with 5 additions and 0 deletions.
  1. +5 −0 sandbox.c
View
@@ -23,6 +23,8 @@
#ifdef __OpenBSD__
#include <dev/systrace.h>
+#elif __FreeBSD__
+#include <sys/capability.h>
#elif __linux
#include <sys/resource.h>
#include <sys/prctl.h>
@@ -209,6 +211,9 @@ sandbox_child(const char *user)
if (prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER,
&child_program) == -1)
err(1, "prctl(PR_SET_SECCOMP/SECCOMP_MODE_FILTER)");
+#elif __FreeBSD__
+ if (cap_enter() == -1)
+ err(1, "cap_enter()");
#elif __OpenBSD__
if (kill(getpid(), SIGSTOP) != 0)
err(1, "kill(SIGSTOP)");

0 comments on commit fb01af6

Please sign in to comment.