Support OpenBSD 6.0 pledge() syscall for sandboxing.

mobile-shell · Sep 19, 2016 · 1077db4 · 1077db4
1 parent 5619dd4
commit 1077db4
Show file tree

Hide file tree

Showing 3 changed files with 21 additions and 0 deletions.
diff --git a/configure.ac b/configure.ac
@@ -249,6 +249,7 @@ AC_CHECK_FUNCS(m4_normalize([
   pselect
   getaddrinfo
   getnameinfo
+  pledge
   ]))
 
 AC_SEARCH_LIBS([clock_gettime], [rt], [AC_DEFINE([HAVE_CLOCK_GETTIME], [1], [Define if clock_gettime is available.])])

diff --git a/src/frontend/mosh-server.cc b/src/frontend/mosh-server.cc
@@ -33,6 +33,7 @@
 #include "config.h"
 #include "version.h"
 
+#include <err.h>
 #include <errno.h>
 #include <locale.h>
 #include <string.h>
@@ -563,6 +564,15 @@ static int run_server( const char *desired_ip, const char *desired_port,
   } else {
     /* parent */
 
+    /* Drop unnecessary privileges */
+#ifdef HAVE_PLEDGE
+    /* OpenBSD pledge() syscall */
+    if ( pledge( "stdio inet ioctl tty", NULL )) {
+      perror( "pledge() failed" );
+      exit( 1 );
+    }
+#endif
+
 #ifdef HAVE_UTEMPTER
     /* make utmp entry */
     utempter_add_record( master, utmp_entry );

diff --git a/src/frontend/stmclient.cc b/src/frontend/stmclient.cc
@@ -32,6 +32,7 @@
 
 #include "config.h"
 
+#include <err.h>
 #include <errno.h>
 #include <locale.h>
 #include <string.h>
@@ -407,6 +408,15 @@ bool STMClient::main( void )
   /* initialize signal handling and structures */
   main_init();
 
+  /* Drop unnecessary privileges */
+#ifdef HAVE_PLEDGE
+  /* OpenBSD pledge() syscall */
+  if ( pledge( "stdio inet ioctl tty", NULL )) {
+    perror( "pledge() failed" );
+    exit( 1 );
+  }
+#endif
+
   /* prepare to poll for events */
   Select &sel = Select::get_instance();