Re: How to allow __set_tcb in pledge

2017-10-11 Thread Stephane Martin
On 11 Oct. 2017 at 18:49 +0200, Theo de Raadt wrote:
> > What does that mean ?...
>
> It means you cannot pledge big pieces of software that perform
> arbitrary magic. Learn the magic, change the magic.

Sure :) So the solution: The first time a go program uses a socket, the go runtime does som

Re: How to allow __set_tcb in pledge

2017-10-11 Thread Theo de Raadt
> What does that mean ?...

It means you cannot pledge big pieces of software that perform arbitrary magic. Learn the magic, change the magic.

Re: How to allow __set_tcb in pledge

2017-10-10 Thread Stephane Martin
Thank you for your answer!

On 6 Oct. 2017 at 20:13 +0200, Theo de Raadt wrote:
> > I'm trying to use pledge to protect a go program.
> >
> > The exec aborts with abort trap: core dump
> >
> > Ktrace and /var/log/messages say that the __set_tcb
> > syscall is denied.
> >
> > Can I configure pledge

Re: How to allow __set_tcb in pledge

2017-10-06 Thread Theo de Raadt
> I'm trying to use pledge to protect a go program.
>
> The exec aborts with abort trap: core dump
>
> Ktrace and /var/log/messages say that the __set_tcb
> syscall is denied.
>
> Can I configure pledge to allow such syscall ?

In post-6.2, this is now allowed. It wasn't allowed earlier due to