mirror of
https://github.com/LadybirdBrowser/ladybird.git
synced 2024-11-22 07:30:19 +00:00
Utilities/beep: Restrict possible capabilities
We can now just unveil the /dev/beep device node, as well as to restrict the utility functionality for rpath, wpath & stdio related syscalls only because we don't actually need anything else.
This commit is contained in:
parent
26f96d2a42
commit
55ea2d892c
Notes:
sideshowbarker
2024-07-17 11:33:34 +09:00
Author: https://github.com/supercomputer7 Commit: https://github.com/SerenityOS/serenity/commit/55ea2d892c Pull-request: https://github.com/SerenityOS/serenity/pull/20761 Reviewed-by: https://github.com/timschumi ✅
1 changed files with 3 additions and 0 deletions
|
@ -10,6 +10,9 @@
|
||||||
|
|
||||||
ErrorOr<int> serenity_main(Main::Arguments arguments)
|
ErrorOr<int> serenity_main(Main::Arguments arguments)
|
||||||
{
|
{
|
||||||
|
TRY(Core::System::pledge("stdio rpath wpath"));
|
||||||
|
TRY(Core::System::unveil("/dev/beep", "rw"));
|
||||||
|
TRY(Core::System::unveil(nullptr, nullptr));
|
||||||
Optional<size_t> tone;
|
Optional<size_t> tone;
|
||||||
Optional<size_t> milliseconds_duration;
|
Optional<size_t> milliseconds_duration;
|
||||||
Core::ArgsParser args_parser;
|
Core::ArgsParser args_parser;
|
||||||
|
|
Loading…
Reference in a new issue