Commit 0f8d269b44ff831a8b0d5b83912079814cd089fc
2019-01-04T17:36:37
apply unveil(2) to 'got tree'
diff --git a/got/got.c b/got/got.c
index 2277622..d4231ab 100644
--- a/got/got.c
+++ b/got/got.c
@@ -1140,8 +1140,8 @@ cmd_tree(int argc, char *argv[])
int ch;
#ifndef PROFILE
- if (pledge("stdio rpath wpath cpath flock proc exec sendfd", NULL)
- == -1)
+ if (pledge("stdio rpath wpath cpath flock proc exec sendfd unveil",
+ NULL) == -1)
err(1, "pledge");
#endif
@@ -1187,6 +1187,10 @@ cmd_tree(int argc, char *argv[])
}
}
+ error = apply_unveil(repo_path, NULL);
+ if (error)
+ goto done;
+
error = got_repo_open(&repo, repo_path);
if (error != NULL)
goto done;