OpenBSD unveil(2)
unveil — unveil parts of a restricted filesystem view

#include <unistd.h>

int unveil(const char *path, const char *flags);

The first call to unveil removes visibility of the entire filesystem from all other filesystem-related system calls (such as open(2), chmod(2) and rename(2)), except for the specified path. Subsequent calls to unveil expose additional views of the filesystem.

The unveil call is treated specially and can continue to see the filesystem for subsequent calls. unveil can be locked, preventing further filesystem exposure, by calling unveil with two NULL arguments. pledge(2) may alternatively be used to remove the "unveil" permission.

The flags argument points to a string consisting of the following characters.

path should be made available for read operations corresponding to pledge(2) promise rpath.
path should be available for write operations corresponding to pledge(2) promise wpath.
path should be available for execute operations corresponding to pledge(2) promise exec.
path should be allowed to be created and removed, corresponding to pledge(2) promise cpath.

A path that is a directory will enable all filesystem access underneath path using flags if and only if no more specific matching unveil() exists at a lower level.

Attempts to access paths not allowed by unveil will result in an error of EACCES when the flags argument does not match the attempted operation. ENOENT is returned for paths for which no unveil flags are present.

As with pledge(2), the use of unveil() in an application will require lots of study and understanding of the interfaces called. In most cases it is best practice to unveil the directories in which an application makes use of files. It is important to consider that directory results are remembered at the time of a call to unveil(). This means that a directory that is removed and recreated after a call to unveil() will appear to not exist. Non-directories are remembered by name within their containing directory, and so may be created, removed, or re-created after a call to unveil() and still appear to exist.

unveil() returns 0 on success or -1 on failure.

E2BIG   The addition of path would exceed the per-process limit for pledged paths.
ENOENT  A directory in path did not exist.
EINVAL  An invalid value of flags was used.
EPERM   An attempt to add permission to flags was made, or path was not accessible, or unveil was called after it was locked.

The unveil() system call first appeared in OpenBSD 6.4.
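The directory rule and the EACCES/ENOENT distinction described above, as an added example that is not part of the manual page: a simplified user-space model in C of those stated rules, not the kernel's implementation. It assumes absolute, already-normalized paths with no symlinks; the names uv_entry, uv_match, uv_check and the sample table are hypothetical, and r, w and c are the unveil(2) flag characters for the rpath, wpath and cpath cases.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>

/* Simplified model of the lookup rules in the text; the kernel tracks
 * directories and names, not path strings. Paths: absolute, normalized. */
struct uv_entry { const char *path, *flags; };

/* Constructed sample table: what a process might have unveiled. */
const struct uv_entry uv_sample[] = {
    { "/var/www", "r" },
    { "/var/www/uploads", "rwc" },   /* more specific: decides for this subtree */
    { "/etc/app.conf", "r" },        /* single file */
};
const size_t uv_sample_n = sizeof uv_sample / sizeof uv_sample[0];

/* Match length if entry equals path or is a directory above it, else 0. */
static size_t uv_match(const char *entry, const char *path)
{
    size_t n = strlen(entry);
    if (strncmp(entry, path, n) != 0)
        return 0;
    return (n == 1 || path[n] == '\0' || path[n] == '/') ? n : 0;
}

/* need = flag characters the operation requires ("r", "wc", ...). */
int uv_check(const struct uv_entry *tab, size_t n, const char *path, const char *need)
{
    const struct uv_entry *best = NULL;
    size_t best_len = 0;

    if (n == 0)
        return 0;               /* unveil never called: everything visible */
    for (size_t i = 0; i < n; i++) {
        size_t len = uv_match(tab[i].path, path);
        if (len > best_len) {   /* most specific unveil decides */
            best = &tab[i];
            best_len = len;
        }
    }
    if (best == NULL)
        return ENOENT;          /* no unveil flags present for this path */
    for (; *need; need++)
        if (strchr(best->flags, *need) == NULL)
            return EACCES;      /* unveiled, but not for this operation */
    return 0;
}

int main(void) { printf("%d\n", uv_check(uv_sample, uv_sample_n, "/var/www/index.html", "w")); return 0; }
```

The component-boundary test in uv_match is what keeps an unveil of /var/www from also covering a sibling such as /var/www-old.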