Add support for Mac OS X's sandbox_init(3) sandbox functionality, which

is marked as DEPRECATED in OS X after 2011 or so, but has not been
removed and has no replacement.

ok schwarze@

diff --git a/Makefile b/Makefile
index 91a671fcb4ea5da76a029d7babc42eeb469812ef..f76b13763136dcef9281031ffd2c5ecad9816070 100644 (file)
--- a/Makefile
+++ b/Makefile
@@ -1,4 +1,4 @@
-# $Id: Makefile,v 1.487 2016/07/10 18:24:23 schwarze Exp $
+# $Id: Makefile,v 1.488 2016/07/12 05:18:38 kristaps Exp $
 #
 # Copyright (c) 2010, 2011, 2012 Kristaps Dzonsons <kristaps@bsd.lv>
 # Copyright (c) 2011, 2013-2016 Ingo Schwarze <schwarze@openbsd.org>
@@ -33,6 +33,7 @@ TESTSRCS       = test-dirent-namlen.c \
                   test-reallocarray.c \
                   test-rewb-bsd.c \
                   test-rewb-sysv.c \
+                  test-sandbox_init.c \
                   test-sqlite3.c \
                   test-sqlite3_errstr.c \
                   test-strcasestr.c \

diff --git a/configure b/configure
index 13fd1409941ba90c8156df9e6134ff88944da7aa..6f2c4116bf30f6589663aab47c2cf43b58f4534b 100755 (executable)
--- a/configure
+++ b/configure
@@ -58,6 +58,7 @@ HAVE_PROGNAME=
 HAVE_REALLOCARRAY=
 HAVE_REWB_BSD=
 HAVE_REWB_SYSV=
+HAVE_SANDBOX_INIT=
 HAVE_STRCASESTR=
 HAVE_STRINGLIST=
 HAVE_STRLCAT=
@@ -186,6 +187,7 @@ runtest isblank             ISBLANK         || true
 runtest mkdtemp                MKDTEMP         || true
 runtest mmap           MMAP            || true
 runtest pledge         PLEDGE          || true
+runtest sandbox_init   SANDBOX_INIT    || true
 runtest progname       PROGNAME        || true
 runtest reallocarray   REALLOCARRAY    || true
 runtest rewb-bsd       REWB_BSD        || true
@@ -317,6 +319,7 @@ cat << __HEREDOC__
 #define HAVE_REALLOCARRAY ${HAVE_REALLOCARRAY}
 #define HAVE_REWB_BSD ${HAVE_REWB_BSD}
 #define HAVE_REWB_SYSV ${HAVE_REWB_SYSV}
+#define HAVE_SANDBOX_INIT ${HAVE_SANDBOX_INIT}
 #define HAVE_STRCASESTR ${HAVE_STRCASESTR}
 #define HAVE_STRINGLIST ${HAVE_STRINGLIST}
 #define HAVE_STRLCAT ${HAVE_STRLCAT}

diff --git a/main.c b/main.c
index a03ab0fef6d407950c9b58ee31e4da14f064bf47..527db244283e99c7702c95a4eba90fa74b31e0bb 100644 (file)
--- a/main.c
+++ b/main.c
@@ -1,4 +1,4 @@
-/*     $Id: main.c,v 1.268 2016/07/10 14:05:13 schwarze Exp $ */
+/*     $Id: main.c,v 1.269 2016/07/12 05:18:38 kristaps Exp $ */
 /*
  * Copyright (c) 2008-2012 Kristaps Dzonsons <kristaps@bsd.lv>
  * Copyright (c) 2010-2012, 2014-2016 Ingo Schwarze <schwarze@openbsd.org>
@@ -30,6 +30,9 @@
 #include <errno.h>
 #include <fcntl.h>
 #include <glob.h>
+#if HAVE_SANDBOX_INIT
+#include <sandbox.h>
+#endif
 #include <signal.h>
 #include <stdio.h>
 #include <stdint.h>
@@ -159,6 +162,11 @@ main(int argc, char *argv[])
                err((int)MANDOCLEVEL_SYSERR, "pledge");
 #endif
 
+#if HAVE_SANDBOX_INIT
+       if (sandbox_init(kSBXProfileNoInternet, SANDBOX_NAMED, NULL) == -1)
+               errx((int)MANDOCLEVEL_SYSERR, "sandbox_init");
+#endif
+
        /* Search options. */
 
        memset(&conf, 0, sizeof(conf));

diff --git a/mandocdb.c b/mandocdb.c
index fa23ad0e1e0211d825b24ab1b6eee4f43b9cd8a8..6c04cb05256ce7aa2c527ce83f6b9063318474af 100644 (file)
--- a/mandocdb.c
+++ b/mandocdb.c
@@ -1,4 +1,4 @@
-/*     $Id: mandocdb.c,v 1.217 2016/07/09 15:24:19 schwarze Exp $ */
+/*     $Id: mandocdb.c,v 1.218 2016/07/12 05:18:38 kristaps Exp $ */
 /*
  * Copyright (c) 2011, 2012 Kristaps Dzonsons <kristaps@bsd.lv>
  * Copyright (c) 2011-2016 Ingo Schwarze <schwarze@openbsd.org>
@@ -34,6 +34,9 @@
 #include "compat_fts.h"
 #endif
 #include <limits.h>
+#if HAVE_SANDBOX_INIT
+#include <sandbox.h>
+#endif
 #include <stddef.h>
 #include <stdio.h>
 #include <stdint.h>
@@ -345,6 +348,13 @@ mandocdb(int argc, char *argv[])
        }
 #endif
 
+#if HAVE_SANDBOX_INIT
+       if (sandbox_init(kSBXProfileNoInternet, SANDBOX_NAMED, NULL) == -1) {
+               warnx("sandbox_init");
+               return (int)MANDOCLEVEL_SYSERR;
+       }
+#endif
+
        memset(&conf, 0, sizeof(conf));
        memset(stmts, 0, STMT__MAX * sizeof(sqlite3_stmt *));
 

diff --git a/test-sandbox_init.c b/test-sandbox_init.c
new file mode 100644 (file)
index 0000000..a4902ee
--- /dev/null
+++ b/test-sandbox_init.c
@@ -0,0 +1,13 @@
+#include <sandbox.h>
+
+int
+main(void)
+{
+       char    *ep;
+       int      rc;
+
+       rc = sandbox_init(kSBXProfileNoInternet, SANDBOX_NAMED, &ep);
+       if (-1 == rc)
+               sandbox_free_error(ep);
+       return(-1 == rc);
+}