On 2020/05/29 08:30, Luke Small wrote:
> You mention a lot of files that need to be read, but a program like pkg_add
> can make it the
> _pkgfetch (57) user which has no directory and I’m guessing not in
> interactive mode. At the
> very least, in noninteractive mode you could unveil(“/“, “rx”); and change
> the specified output
> file discover the name of the file that is to be downloaded and unveil it as
> “cw” !
> --
> -Luke

What problem are you trying to solve?

If you are concerned about writes, use "ftp -o - $URL > somefile", it
will run without cpath/wpath, which is functionally similar to
unveil("/", "rx") (a bit stronger, because a program trying to write
will be killed, rather than just having a file access error).

pkg_add(1) already uses "ftp -o -":

# ktrace -di pkg_add -u moo
quirks-3.339 signed on 2020-05-27T20:05:28Z
# kdump | grep promise=
 61644 ftp STRU promise="stdio rpath dns tty inet proc exec fattr"
 41938 signify STRU promise="stdio rpath wpath cpath tty"
 41938 signify STRU promise="stdio rpath"
 24897 ftp STRU promise="stdio rpath dns tty inet proc exec fattr"
 54324 signify STRU promise="stdio rpath wpath cpath tty"
 54324 signify STRU promise="stdio rpath"
 9188 ftp STRU promise="stdio rpath dns tty inet proc exec fattr"
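
Added example, not part of the original message: a Python script that reads kdump promise lines like the ones above and reports, per process, whether wpath/cpath was ever pledged and whether it survived the last pledge(2) call. The function names and the column layout the regex expects are assumptions.

```python
import re

# Sample input: the promise lines quoted in the message, whitespace normalised.
SAMPLE = '''\
 61644 ftp STRU promise="stdio rpath dns tty inet proc exec fattr"
 41938 signify STRU promise="stdio rpath wpath cpath tty"
 41938 signify STRU promise="stdio rpath"
 24897 ftp STRU promise="stdio rpath dns tty inet proc exec fattr"
 54324 signify STRU promise="stdio rpath wpath cpath tty"
 54324 signify STRU promise="stdio rpath"
 9188 ftp STRU promise="stdio rpath dns tty inet proc exec fattr"
'''

# Assumed layout: <pid> <command> STRU promise="<space separated promises>"
LINE = re.compile(r'^\s*(\d+)\s+(\S+)\s+STRU\s+promise="([^"]*)"')
WRITE_PROMISES = {"wpath", "cpath"}  # the two promises the message discusses


def parse_promises(text):
    """Return {(pid, command): [promise set of each pledge call, in trace order]}."""
    history = {}
    for line in text.splitlines():
        m = LINE.match(line)
        if not m:
            continue  # skip anything that is not a promise line
        key = (int(m.group(1)), m.group(2))
        history.setdefault(key, []).append(frozenset(m.group(3).split()))
    return history


def audit(text):
    """Per process: write promises ever held, those held after the last call."""
    report = {}
    for key, calls in parse_promises(text).items():
        ever = set().union(*calls) & WRITE_PROMISES
        final = calls[-1] & WRITE_PROMISES
        # pledge(2) can only drop promises; a later superset suggests pid reuse
        # or a trace that was cut, so flag it instead of trusting "final".
        widened = any(not later <= earlier
                      for earlier, later in zip(calls, calls[1:]))
        report[key] = {"ever": sorted(ever), "final": sorted(final),
                       "widened": widened}
    return report


if __name__ == "__main__":
    for (pid, cmd), r in sorted(audit(SAMPLE).items()):
        print(pid, cmd, "ever:", r["ever"], "final:", r["final"],
              "ANOMALY" if r["widened"] else "")
```

On the lines from the message it shows that no ftp process ever holds wpath or cpath, and that each signify process starts with both and has dropped them by its second pledge call.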