diff options
Diffstat (limited to 'sandbox.c')
| -rw-r--r-- | sandbox.c | 9 |
1 files changed, 8 insertions, 1 deletions
| @@ -13,6 +13,8 @@ void sbox_enter(const char *basedir) | |||
| 13 | return; | 13 | return; |
| 14 | } | 14 | } |
| 15 | 15 | ||
| 16 | const xs_val *strip_exif = xs_dict_get(srv_config, "strip_exif"); | ||
| 17 | |||
| 16 | int smail; | 18 | int smail; |
| 17 | const char *url = xs_dict_get(srv_config, "smtp_url"); | 19 | const char *url = xs_dict_get(srv_config, "smtp_url"); |
| 18 | 20 | ||
| @@ -33,6 +35,11 @@ void sbox_enter(const char *basedir) | |||
| 33 | if (*address == '/') | 35 | if (*address == '/') |
| 34 | unveil(address, "rwc"); | 36 | unveil(address, "rwc"); |
| 35 | 37 | ||
| 38 | if (strip_exif) { | ||
| 39 | unveil(xs_dict_get(srv_config, "ffmpeg_path"), "x"); | ||
| 40 | unveil(xs_dict_get(srv_config, "mogrify_path"), "x"); | ||
| 41 | } | ||
| 42 | |||
| 36 | if (smail) | 43 | if (smail) |
| 37 | unveil("/usr/sbin/sendmail", "x"); | 44 | unveil("/usr/sbin/sendmail", "x"); |
| 38 | 45 | ||
| @@ -45,7 +52,7 @@ void sbox_enter(const char *basedir) | |||
| 45 | if (*address == '/') | 52 | if (*address == '/') |
| 46 | p = xs_str_cat(p, " unix"); | 53 | p = xs_str_cat(p, " unix"); |
| 47 | 54 | ||
| 48 | if (smail) | 55 | if (smail || strip_exif) |
| 49 | p = xs_str_cat(p, " exec"); | 56 | p = xs_str_cat(p, " exec"); |
| 50 | 57 | ||
| 51 | pledge(p, NULL); | 58 | pledge(p, NULL); |