RGBCube/serenity
1
Fork 0
mirror of https://github.com/RGBCube/serenity synced 2025-07-27 09:37:34 +00:00
Code Issues Activity Actions

userdel: Use pledge() and unveil()

Browse source
This commit is contained in:
Brendan Coles 2021-01-12 06:39:08 +00:00 committed by Andreas Kling
parent eece9edd91
commit 959970e060
1 changed files with 24 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

24
Userland/userdel.cpp
View file

@ -43,6 +43,23 @@
int main(int argc, char** argv) int main(int argc, char** argv)
{ {
if (pledge("stdio wpath rpath cpath fattr proc exec", nullptr) < 0) {
perror("pledge");
return 1;
}
if (unveil("/etc/", "rwc") < 0) {
perror("unveil");
return 1;
}
if (unveil("/bin/rm", "x") < 0) {
perror("unveil");
return 1;
}
unveil(nullptr, nullptr);
const char* username = nullptr; const char* username = nullptr;
bool remove_home = false; bool remove_home = false;
@ -51,6 +68,13 @@ int main(int argc, char** argv)
args_parser.add_positional_argument(username, "Login user identity (username)", "login"); args_parser.add_positional_argument(username, "Login user identity (username)", "login");
args_parser.parse(argc, argv); args_parser.parse(argc, argv);
if (!remove_home) {
if (pledge("stdio wpath rpath cpath fattr", nullptr) < 0) {
perror("pledge");
return 1;
}
}
char temp_filename[] = "/etc/passwd.XXXXXX"; char temp_filename[] = "/etc/passwd.XXXXXX";
auto fd = mkstemp(temp_filename); auto fd = mkstemp(temp_filename);
if (fd == -1) { if (fd == -1) {