authorKristaps Dzonsons <kristaps@bsd.lv>2016-07-12 05:18:38 +0000
committerKristaps Dzonsons <kristaps@bsd.lv>2016-07-12 05:18:38 +0000
commitf542fd5ca7a16165d80c5f968777e7a4bf71e6f1 (patch)
treea60e83176d01c8e55e89b917496c94f3eca8a812
parentaf7a169637d40943e8d31fa35588170dabefcb23 (diff)
downloadmandoc-f542fd5ca7a16165d80c5f968777e7a4bf71e6f1.tar.gz
mandoc-f542fd5ca7a16165d80c5f968777e7a4bf71e6f1.tar.zst
mandoc-f542fd5ca7a16165d80c5f968777e7a4bf71e6f1.zip
Add support for Mac OS X's sandbox_init(3) sandbox functionality, which
is marked as DEPRECATED in OS X after 2011 or so, but has not been removed and has no replacement. ok schwarze@
-rw-r--r--Makefile3
-rwxr-xr-xconfigure3
-rw-r--r--main.c10
-rw-r--r--mandocdb.c12
-rw-r--r--test-sandbox_init.c13
5 files changed, 38 insertions, 3 deletions
diff --git a/Makefile b/Makefile
index 91a671fc..f76b1376 100644
--- a/Makefile
+++ b/Makefile
@@ -1,4 +1,4 @@
-# $Id: Makefile,v 1.487 2016/07/10 18:24:23 schwarze Exp $
+# $Id: Makefile,v 1.488 2016/07/12 05:18:38 kristaps Exp $
#
# Copyright (c) 2010, 2011, 2012 Kristaps Dzonsons <kristaps@bsd.lv>
# Copyright (c) 2011, 2013-2016 Ingo Schwarze <schwarze@openbsd.org>
@@ -33,6 +33,7 @@ TESTSRCS = test-dirent-namlen.c \
test-reallocarray.c \
test-rewb-bsd.c \
test-rewb-sysv.c \
+ test-sandbox_init.c \
test-sqlite3.c \
test-sqlite3_errstr.c \
test-strcasestr.c \
diff --git a/configure b/configure
index 13fd1409..6f2c4116 100755
--- a/configure
+++ b/configure
@@ -58,6 +58,7 @@ HAVE_PROGNAME=
HAVE_REALLOCARRAY=
HAVE_REWB_BSD=
HAVE_REWB_SYSV=
+HAVE_SANDBOX_INIT=
HAVE_STRCASESTR=
HAVE_STRINGLIST=
HAVE_STRLCAT=
@@ -186,6 +187,7 @@ runtest isblank ISBLANK || true
runtest mkdtemp MKDTEMP || true
runtest mmap MMAP || true
runtest pledge PLEDGE || true
+runtest sandbox_init SANDBOX_INIT || true
runtest progname PROGNAME || true
runtest reallocarray REALLOCARRAY || true
runtest rewb-bsd REWB_BSD || true
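Review bot: The new `runtest sandbox_init SANDBOX_INIT || true` line sits between `pledge` and `progname`, which breaks the alphabetical order the surrounding `runtest` lines follow. The other two hunks in this file place the SANDBOX_INIT entries after the REWB_SYSV ones, so moving this line to follow the `rewb-sysv` test would keep the three lists consistent. The order has no functional effect as far as the visible lines show; this is a style point only.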
@@ -317,6 +319,7 @@ cat << __HEREDOC__
#define HAVE_REALLOCARRAY ${HAVE_REALLOCARRAY}
#define HAVE_REWB_BSD ${HAVE_REWB_BSD}
#define HAVE_REWB_SYSV ${HAVE_REWB_SYSV}
+#define HAVE_SANDBOX_INIT ${HAVE_SANDBOX_INIT}
#define HAVE_STRCASESTR ${HAVE_STRCASESTR}
#define HAVE_STRINGLIST ${HAVE_STRINGLIST}
#define HAVE_STRLCAT ${HAVE_STRLCAT}
diff --git a/main.c b/main.c
index a03ab0fe..527db244 100644
--- a/main.c
+++ b/main.c
@@ -1,4 +1,4 @@
-/* $Id: main.c,v 1.268 2016/07/10 14:05:13 schwarze Exp $ */
+/* $Id: main.c,v 1.269 2016/07/12 05:18:38 kristaps Exp $ */
/*
* Copyright (c) 2008-2012 Kristaps Dzonsons <kristaps@bsd.lv>
* Copyright (c) 2010-2012, 2014-2016 Ingo Schwarze <schwarze@openbsd.org>
@@ -30,6 +30,9 @@
#include <errno.h>
#include <fcntl.h>
#include <glob.h>
+#if HAVE_SANDBOX_INIT
+#include <sandbox.h>
+#endif
#include <signal.h>
#include <stdio.h>
#include <stdint.h>
@@ -159,6 +162,11 @@ main(int argc, char *argv[])
err((int)MANDOCLEVEL_SYSERR, "pledge");
#endif
+#if HAVE_SANDBOX_INIT
+ if (sandbox_init(kSBXProfileNoInternet, SANDBOX_NAMED, NULL) == -1)
+ errx((int)MANDOCLEVEL_SYSERR, "sandbox_init");
+#endif
+
/* Search options. */
memset(&conf, 0, sizeof(conf));
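Review bot: The `sandbox_init` call added in main() passes NULL for the error buffer, so a failure is reported through errx() as the bare string "sandbox_init" with no reason attached. test-sandbox_init.c in this same commit shows the API handing back a message through a `char *ep`; passing `&ep` here and using `errx((int)MANDOCLEVEL_SYSERR, "sandbox_init: %s", ep);` would make a refused sandbox diagnosable. The mandocdb.c hunk has the same gap; there `warnx("sandbox_init: %s", ep);` followed by `sandbox_free_error(ep);` before the return would fit, since that path does not exit immediately. main() begins and continues outside this hunk.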
diff --git a/mandocdb.c b/mandocdb.c
index fa23ad0e..6c04cb05 100644
--- a/mandocdb.c
+++ b/mandocdb.c
@@ -1,4 +1,4 @@
-/* $Id: mandocdb.c,v 1.217 2016/07/09 15:24:19 schwarze Exp $ */
+/* $Id: mandocdb.c,v 1.218 2016/07/12 05:18:38 kristaps Exp $ */
/*
* Copyright (c) 2011, 2012 Kristaps Dzonsons <kristaps@bsd.lv>
* Copyright (c) 2011-2016 Ingo Schwarze <schwarze@openbsd.org>
@@ -34,6 +34,9 @@
#include "compat_fts.h"
#endif
#include <limits.h>
+#if HAVE_SANDBOX_INIT
+#include <sandbox.h>
+#endif
#include <stddef.h>
#include <stdio.h>
#include <stdint.h>
@@ -345,6 +348,13 @@ mandocdb(int argc, char *argv[])
}
#endif
+#if HAVE_SANDBOX_INIT
+ if (sandbox_init(kSBXProfileNoInternet, SANDBOX_NAMED, NULL) == -1) {
+ warnx("sandbox_init");
+ return (int)MANDOCLEVEL_SYSERR;
+ }
+#endif
+
memset(&conf, 0, sizeof(conf));
memset(stmts, 0, STMT__MAX * sizeof(sqlite3_stmt *));
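Review bot: The `sandbox_init` block added to mandocdb() carries no comment on how little `kSBXProfileNoInternet` confines, which a reader comparing it with the pledge(2) path may overestimate. Per sandbox.h that profile prohibits TCP/IP networking only, leaving file-system writes, process execution and local sockets untouched. A short comment above the call would record this, for example `/* Denies TCP/IP networking only; file writes and exec remain allowed. */`. If mandocdb needs no sockets at all (not verifiable from this hunk), `kSBXProfileNoNetwork` would be the tighter named profile to consider. mandocdb() begins and continues outside this hunk.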
diff --git a/test-sandbox_init.c b/test-sandbox_init.c
new file mode 100644
index 00000000..a4902ee6
--- /dev/null
+++ b/test-sandbox_init.c
@@ -0,0 +1,13 @@
+#include <sandbox.h>
+
+int
+main(void)
+{
+ char *ep;
+ int rc;
+
+ rc = sandbox_init(kSBXProfileNoInternet, SANDBOX_NAMED, &ep);
+ if (-1 == rc)
+ sandbox_free_error(ep);
+ return(-1 == rc);
+}