From 25e0ab3ee48c046b4d994c1c95df36ca58a3ec78 Mon Sep 17 00:00:00 2001 From: Timothy Flynn Date: Mon, 3 Oct 2022 09:32:18 -0400 Subject: [PATCH] Userland: Tighten promises by removing 'proc' where it isn't used This is a partial revert of commit 7af5eef. After 97d15e9, the 'proc' promise is not needed for operations using getsid(). This also fixes launching several applications in which 7af5eef added the 'proc' promise only in the second call to pledge(). --- Userland/Applets/Audio/main.cpp | 2 +- Userland/Applets/ClipboardHistory/main.cpp | 2 +- Userland/Applications/3DFileViewer/main.cpp | 2 +- Userland/Applications/Help/main.cpp | 2 +- Userland/Applications/HexEditor/main.cpp | 2 +- Userland/Applications/Magnifier/main.cpp | 2 +- Userland/Applications/Mail/main.cpp | 2 +- Userland/Applications/PDFViewer/main.cpp | 2 +- Userland/Applications/PixelPaint/main.cpp | 2 +- Userland/Applications/Spreadsheet/main.cpp | 2 +- Userland/Applications/TextEditor/main.cpp | 2 +- Userland/Applications/ThemeEditor/main.cpp | 2 +- Userland/Demos/Eyes/main.cpp | 2 +- Userland/Demos/WidgetGallery/main.cpp | 2 +- Userland/Games/2048/main.cpp | 2 +- Userland/Games/FlappyBug/main.cpp | 2 +- Userland/Games/GameOfLife/main.cpp | 2 +- Userland/Games/Hearts/main.cpp | 2 +- Userland/Games/MasterWord/main.cpp | 2 +- Userland/Games/Minesweeper/main.cpp | 2 +- Userland/Games/Snake/main.cpp | 2 +- Userland/Services/InspectorServer/main.cpp | 2 +- Userland/Services/WebContent/main.cpp | 2 +- Userland/Utilities/aplay.cpp | 2 +- 24 files changed, 24 insertions(+), 24 deletions(-) diff --git a/Userland/Applets/Audio/main.cpp b/Userland/Applets/Audio/main.cpp index d5b0b414782..513349352f3 100644 --- a/Userland/Applets/Audio/main.cpp +++ b/Userland/Applets/Audio/main.cpp @@ -237,7 +237,7 @@ private: ErrorOr serenity_main(Main::Arguments arguments) { - TRY(Core::System::pledge("stdio recvfd sendfd rpath wpath cpath unix thread proc")); + TRY(Core::System::pledge("stdio recvfd sendfd rpath wpath cpath unix thread")); auto app = TRY(GUI::Application::try_create(arguments)); Config::pledge_domain("AudioApplet"); diff --git a/Userland/Applets/ClipboardHistory/main.cpp b/Userland/Applets/ClipboardHistory/main.cpp index 913f203eca1..0902ccb8c2f 100644 --- a/Userland/Applets/ClipboardHistory/main.cpp +++ b/Userland/Applets/ClipboardHistory/main.cpp @@ -17,7 +17,7 @@ ErrorOr serenity_main(Main::Arguments arguments) { - TRY(Core::System::pledge("stdio recvfd sendfd rpath unix proc")); + TRY(Core::System::pledge("stdio recvfd sendfd rpath unix")); auto app = TRY(GUI::Application::try_create(arguments)); Config::pledge_domain("ClipboardHistory"); diff --git a/Userland/Applications/3DFileViewer/main.cpp b/Userland/Applications/3DFileViewer/main.cpp index 1b77bd6107a..b43cf9e413f 100644 --- a/Userland/Applications/3DFileViewer/main.cpp +++ b/Userland/Applications/3DFileViewer/main.cpp @@ -358,7 +358,7 @@ ErrorOr serenity_main(Main::Arguments arguments) { auto app = TRY(GUI::Application::try_create(arguments)); - TRY(Core::System::pledge("stdio thread recvfd sendfd rpath unix prot_exec proc")); + TRY(Core::System::pledge("stdio thread recvfd sendfd rpath unix prot_exec")); TRY(Core::System::unveil("/tmp/session/%sid/portal/filesystemaccess", "rw")); TRY(Core::System::unveil("/home/anon/Documents/3D Models", "r")); diff --git a/Userland/Applications/Help/main.cpp b/Userland/Applications/Help/main.cpp index 20ca37a36c1..7b25d91a1e3 100644 --- a/Userland/Applications/Help/main.cpp +++ b/Userland/Applications/Help/main.cpp @@ -28,7 +28,7 @@ static String parse_input(StringView input) ErrorOr serenity_main(Main::Arguments arguments) { - TRY(Core::System::pledge("stdio recvfd sendfd rpath unix proc")); + TRY(Core::System::pledge("stdio recvfd sendfd rpath unix")); auto app = TRY(GUI::Application::try_create(arguments)); TRY(Core::System::unveil("/proc/all", "r")); diff --git a/Userland/Applications/HexEditor/main.cpp b/Userland/Applications/HexEditor/main.cpp index a1b71b02a9a..a7e4cd17961 100644 --- a/Userland/Applications/HexEditor/main.cpp +++ b/Userland/Applications/HexEditor/main.cpp @@ -20,7 +20,7 @@ ErrorOr serenity_main(Main::Arguments arguments) { - TRY(Core::System::pledge("stdio recvfd sendfd rpath unix cpath wpath thread proc")); + TRY(Core::System::pledge("stdio recvfd sendfd rpath unix cpath wpath thread")); auto app = TRY(GUI::Application::try_create(arguments)); diff --git a/Userland/Applications/Magnifier/main.cpp b/Userland/Applications/Magnifier/main.cpp index bc0b67dd85a..cffa99ddbf9 100644 --- a/Userland/Applications/Magnifier/main.cpp +++ b/Userland/Applications/Magnifier/main.cpp @@ -37,7 +37,7 @@ static ErrorOr dump_bitmap(RefPtr bitmap, AK::StringVie ErrorOr serenity_main(Main::Arguments arguments) { - TRY(Core::System::pledge("stdio cpath rpath recvfd sendfd unix proc")); + TRY(Core::System::pledge("stdio cpath rpath recvfd sendfd unix")); auto app = TRY(GUI::Application::try_create(arguments)); TRY(Core::System::unveil("/tmp/session/%sid/portal/filesystemaccess", "rw")); diff --git a/Userland/Applications/Mail/main.cpp b/Userland/Applications/Mail/main.cpp index a563676a820..884c156c596 100644 --- a/Userland/Applications/Mail/main.cpp +++ b/Userland/Applications/Mail/main.cpp @@ -18,7 +18,7 @@ ErrorOr serenity_main(Main::Arguments arguments) { - TRY(Core::System::pledge("stdio recvfd sendfd rpath unix inet proc")); + TRY(Core::System::pledge("stdio recvfd sendfd rpath unix inet")); auto app = TRY(GUI::Application::try_create(arguments)); diff --git a/Userland/Applications/PDFViewer/main.cpp b/Userland/Applications/PDFViewer/main.cpp index deb25f79349..3e3ebaa6b29 100644 --- a/Userland/Applications/PDFViewer/main.cpp +++ b/Userland/Applications/PDFViewer/main.cpp @@ -32,7 +32,7 @@ ErrorOr serenity_main(Main::Arguments arguments) window->set_title("PDF Viewer"); window->resize(640, 400); - TRY(Core::System::pledge("stdio recvfd sendfd rpath unix proc")); + TRY(Core::System::pledge("stdio recvfd sendfd rpath unix")); TRY(Core::System::unveil("/tmp/session/%sid/portal/filesystemaccess", "rw")); TRY(Core::System::unveil("/res", "r")); diff --git a/Userland/Applications/PixelPaint/main.cpp b/Userland/Applications/PixelPaint/main.cpp index f7669143f88..11650c417f4 100644 --- a/Userland/Applications/PixelPaint/main.cpp +++ b/Userland/Applications/PixelPaint/main.cpp @@ -21,7 +21,7 @@ ErrorOr serenity_main(Main::Arguments arguments) { - TRY(Core::System::pledge("stdio thread recvfd sendfd rpath unix wpath cpath proc")); + TRY(Core::System::pledge("stdio thread recvfd sendfd rpath unix wpath cpath")); auto app = TRY(GUI::Application::try_create(arguments)); Config::pledge_domain("PixelPaint"); diff --git a/Userland/Applications/Spreadsheet/main.cpp b/Userland/Applications/Spreadsheet/main.cpp index 9d40dc91179..f55ef5f6b1a 100644 --- a/Userland/Applications/Spreadsheet/main.cpp +++ b/Userland/Applications/Spreadsheet/main.cpp @@ -26,7 +26,7 @@ ErrorOr serenity_main(Main::Arguments arguments) { - TRY(Core::System::pledge("stdio recvfd sendfd rpath fattr unix cpath wpath thread proc")); + TRY(Core::System::pledge("stdio recvfd sendfd rpath fattr unix cpath wpath thread")); auto app = TRY(GUI::Application::try_create(arguments)); diff --git a/Userland/Applications/TextEditor/main.cpp b/Userland/Applications/TextEditor/main.cpp index 0bd82d9d1ec..21f13707a59 100644 --- a/Userland/Applications/TextEditor/main.cpp +++ b/Userland/Applications/TextEditor/main.cpp @@ -18,7 +18,7 @@ using namespace TextEditor; ErrorOr serenity_main(Main::Arguments arguments) { - TRY(Core::System::pledge("stdio recvfd sendfd thread rpath cpath wpath unix proc")); + TRY(Core::System::pledge("stdio recvfd sendfd thread rpath cpath wpath unix")); auto app = TRY(GUI::Application::try_create(arguments)); diff --git a/Userland/Applications/ThemeEditor/main.cpp b/Userland/Applications/ThemeEditor/main.cpp index 0430bd8adc0..1c814b11093 100644 --- a/Userland/Applications/ThemeEditor/main.cpp +++ b/Userland/Applications/ThemeEditor/main.cpp @@ -38,7 +38,7 @@ ErrorOr serenity_main(Main::Arguments arguments) if (!file_to_edit.is_empty()) path = Core::File::absolute_path(file_to_edit); - TRY(Core::System::pledge("stdio recvfd sendfd thread rpath unix proc")); + TRY(Core::System::pledge("stdio recvfd sendfd thread rpath unix")); TRY(Core::System::unveil("/tmp/session/%sid/portal/filesystemaccess", "rw")); TRY(Core::System::unveil("/res", "r")); TRY(Core::System::unveil(nullptr, nullptr)); diff --git a/Userland/Demos/Eyes/main.cpp b/Userland/Demos/Eyes/main.cpp index c7e183cc89c..dccb3c67384 100644 --- a/Userland/Demos/Eyes/main.cpp +++ b/Userland/Demos/Eyes/main.cpp @@ -36,7 +36,7 @@ ErrorOr serenity_main(Main::Arguments arguments) args_parser.add_option(hide_window_frame, "Hide window frame", "hide-window", 'h'); args_parser.parse(arguments); - TRY(Core::System::pledge("stdio recvfd sendfd rpath unix cpath wpath thread proc")); + TRY(Core::System::pledge("stdio recvfd sendfd rpath unix cpath wpath thread")); auto app = TRY(GUI::Application::try_create(arguments)); diff --git a/Userland/Demos/WidgetGallery/main.cpp b/Userland/Demos/WidgetGallery/main.cpp index 0c0bb64cd17..b0964e14007 100644 --- a/Userland/Demos/WidgetGallery/main.cpp +++ b/Userland/Demos/WidgetGallery/main.cpp @@ -14,7 +14,7 @@ ErrorOr serenity_main(Main::Arguments arguments) { - TRY(Core::System::pledge("stdio recvfd sendfd rpath unix thread proc")); + TRY(Core::System::pledge("stdio recvfd sendfd rpath unix thread")); auto app = TRY(GUI::Application::try_create(arguments, Core::EventLoop::MakeInspectable::Yes)); TRY(Core::System::unveil("/tmp/session/%sid/portal/filesystemaccess", "rw")); diff --git a/Userland/Games/2048/main.cpp b/Userland/Games/2048/main.cpp index 50678843c41..239aafe99f0 100644 --- a/Userland/Games/2048/main.cpp +++ b/Userland/Games/2048/main.cpp @@ -28,7 +28,7 @@ ErrorOr serenity_main(Main::Arguments arguments) { - TRY(Core::System::pledge("stdio rpath recvfd sendfd unix proc")); + TRY(Core::System::pledge("stdio rpath recvfd sendfd unix")); srand(time(nullptr)); diff --git a/Userland/Games/FlappyBug/main.cpp b/Userland/Games/FlappyBug/main.cpp index 1753c28d797..df07bcb54d7 100644 --- a/Userland/Games/FlappyBug/main.cpp +++ b/Userland/Games/FlappyBug/main.cpp @@ -28,7 +28,7 @@ ErrorOr serenity_main(Main::Arguments arguments) TRY(Desktop::Launcher::add_allowed_handler_with_only_specific_urls("/bin/Help", { URL::create_with_file_scheme("/usr/share/man/man6/FlappyBug.md") })); TRY(Desktop::Launcher::seal_allowlist()); - TRY(Core::System::pledge("stdio rpath recvfd sendfd proc")); + TRY(Core::System::pledge("stdio rpath recvfd sendfd")); TRY(Core::System::unveil("/tmp/session/%sid/portal/launch", "rw")); TRY(Core::System::unveil("/res", "r")); diff --git a/Userland/Games/GameOfLife/main.cpp b/Userland/Games/GameOfLife/main.cpp index 83ee6019e0a..1e29f0dbc28 100644 --- a/Userland/Games/GameOfLife/main.cpp +++ b/Userland/Games/GameOfLife/main.cpp @@ -34,7 +34,7 @@ ErrorOr serenity_main(Main::Arguments arguments) TRY(Desktop::Launcher::add_allowed_handler_with_only_specific_urls("/bin/Help", { URL::create_with_file_scheme("/usr/share/man/man6/GameOfLife.md") })); TRY(Desktop::Launcher::seal_allowlist()); - TRY(Core::System::pledge("stdio rpath recvfd sendfd proc")); + TRY(Core::System::pledge("stdio rpath recvfd sendfd")); TRY(Core::System::unveil("/tmp/session/%sid/portal/launch", "rw")); TRY(Core::System::unveil("/res", "r")); diff --git a/Userland/Games/Hearts/main.cpp b/Userland/Games/Hearts/main.cpp index 59787de4a69..9c924abe7e1 100644 --- a/Userland/Games/Hearts/main.cpp +++ b/Userland/Games/Hearts/main.cpp @@ -40,7 +40,7 @@ ErrorOr serenity_main(Main::Arguments arguments) TRY(Desktop::Launcher::add_allowed_handler_with_only_specific_urls("/bin/Help", { URL::create_with_file_scheme("/usr/share/man/man6/Hearts.md") })); TRY(Desktop::Launcher::seal_allowlist()); - TRY(Core::System::pledge("stdio recvfd sendfd rpath proc")); + TRY(Core::System::pledge("stdio recvfd sendfd rpath")); TRY(Core::System::unveil("/tmp/session/%sid/portal/launch", "rw")); TRY(Core::System::unveil("/res", "r")); diff --git a/Userland/Games/MasterWord/main.cpp b/Userland/Games/MasterWord/main.cpp index 32dc6347d24..98fff9ab446 100644 --- a/Userland/Games/MasterWord/main.cpp +++ b/Userland/Games/MasterWord/main.cpp @@ -30,7 +30,7 @@ ErrorOr serenity_main(Main::Arguments arguments) TRY(Desktop::Launcher::add_allowed_handler_with_only_specific_urls("/bin/Help", { URL::create_with_file_scheme("/usr/share/man/man6/MasterWord.md") })); TRY(Desktop::Launcher::seal_allowlist()); - TRY(Core::System::pledge("stdio rpath recvfd sendfd proc")); + TRY(Core::System::pledge("stdio rpath recvfd sendfd")); TRY(Core::System::unveil("/tmp/session/%sid/portal/launch", "rw")); TRY(Core::System::unveil("/res", "r")); diff --git a/Userland/Games/Minesweeper/main.cpp b/Userland/Games/Minesweeper/main.cpp index b08805ab65e..aadc794aad4 100644 --- a/Userland/Games/Minesweeper/main.cpp +++ b/Userland/Games/Minesweeper/main.cpp @@ -36,7 +36,7 @@ ErrorOr serenity_main(Main::Arguments arguments) TRY(Desktop::Launcher::add_allowed_handler_with_only_specific_urls("/bin/Help", { URL::create_with_file_scheme("/usr/share/man/man6/Minesweeper.md") })); TRY(Desktop::Launcher::seal_allowlist()); - TRY(Core::System::pledge("stdio rpath recvfd sendfd proc")); + TRY(Core::System::pledge("stdio rpath recvfd sendfd")); TRY(Core::System::unveil("/tmp/session/%sid/portal/launch", "rw")); TRY(Core::System::unveil("/res", "r")); diff --git a/Userland/Games/Snake/main.cpp b/Userland/Games/Snake/main.cpp index 0fe09541f55..88221245611 100644 --- a/Userland/Games/Snake/main.cpp +++ b/Userland/Games/Snake/main.cpp @@ -31,7 +31,7 @@ ErrorOr serenity_main(Main::Arguments arguments) TRY(Desktop::Launcher::add_allowed_handler_with_only_specific_urls("/bin/Help", { URL::create_with_file_scheme("/usr/share/man/man6/Snake.md") })); TRY(Desktop::Launcher::seal_allowlist()); - TRY(Core::System::pledge("stdio rpath recvfd sendfd proc")); + TRY(Core::System::pledge("stdio rpath recvfd sendfd")); TRY(Core::System::unveil("/tmp/session/%sid/portal/launch", "rw")); TRY(Core::System::unveil("/res", "r")); diff --git a/Userland/Services/InspectorServer/main.cpp b/Userland/Services/InspectorServer/main.cpp index 1cdaa5d552d..e5efdf73daf 100644 --- a/Userland/Services/InspectorServer/main.cpp +++ b/Userland/Services/InspectorServer/main.cpp @@ -17,7 +17,7 @@ ErrorOr serenity_main(Main::Arguments) { Core::EventLoop event_loop; - TRY(Core::System::pledge("stdio unix accept rpath proc")); + TRY(Core::System::pledge("stdio unix accept rpath")); auto server = TRY(IPC::MultiServer::try_create("/tmp/session/%sid/portal/inspector")); diff --git a/Userland/Services/WebContent/main.cpp b/Userland/Services/WebContent/main.cpp index 9fdf9630a6c..8d887226862 100644 --- a/Userland/Services/WebContent/main.cpp +++ b/Userland/Services/WebContent/main.cpp @@ -22,7 +22,7 @@ ErrorOr serenity_main(Main::Arguments) { Core::EventLoop event_loop; - TRY(Core::System::pledge("stdio recvfd sendfd accept unix rpath proc")); + TRY(Core::System::pledge("stdio recvfd sendfd accept unix rpath")); TRY(Core::System::unveil("/proc/all", "r")); TRY(Core::System::unveil("/res", "r")); TRY(Core::System::unveil("/etc/timezone", "r")); diff --git a/Userland/Utilities/aplay.cpp b/Userland/Utilities/aplay.cpp index 2bf3f2f987f..bffe9387b77 100644 --- a/Userland/Utilities/aplay.cpp +++ b/Userland/Utilities/aplay.cpp @@ -22,7 +22,7 @@ constexpr size_t LOAD_CHUNK_SIZE = 128 * KiB; ErrorOr serenity_main(Main::Arguments arguments) { - TRY(Core::System::pledge("stdio rpath sendfd unix thread proc")); + TRY(Core::System::pledge("stdio rpath sendfd unix thread")); StringView path {}; bool should_loop = false;