Using unveil(2) to block the entire file system

I'm making a status monitor for things like battery, time, etc. to use with dwm. I wanted to use pledge(2) and unveil(2) to lock things down as well as to help me learn C. The first issue I came up against was with pledge and apm(4). The ioctl(2) calls used to retrieve power state do not appear to

Re: Using unveil(2) to block the entire file system

Chris Rawnsley wrote: > I applied unveil next. This went much more smoothly allowing only the > few files required for the programme to function. However, I've realised > since that I only need to access a few files at initialisation and then > I can shut off all access to the file system. > > F

Re: Using unveil(2) to block the entire file system

On Wed, 4 Dec 2019, at 14:08, Theo de Raadt wrote: > unveil("/", ""); > unveil(NULL, NULL); Thank you. I didn't realise that was possible. I tried to write an update to the man page for unveil(2). Is this accurate? Should I send it along to tech@? Index: lib/libc/sys/unveil.2 ===

LibreSSL vs. OpenSSL enc command

Hi, i have encrypted several documents with openssl enc -aes-256-cbc -e < FOO > FOO.aes256 This was serveral years ago before Libressl was invented. Now I wanted to decrypt the docs with: openssl enc -aes-256-cbc -d < FOO.aes256 > FOO This did not work. The password did not work anymore. I had

Re: Using unveil(2) to block the entire file system

Chris Rawnsley wrote: > On Wed, 4 Dec 2019, at 14:08, Theo de Raadt wrote: > > unveil("/", ""); > > unveil(NULL, NULL); > > Thank you. I didn't realise that was possible. > > I tried to write an update to the man page for unveil(2). Is this > accurate? Should I send it along to tech@? > > Inde

Re: LibreSSL vs. OpenSSL enc command

On Wed, Dec 4, 2019 at 1:05 PM Dieter Rauschenberger wrote: > > i have encrypted several documents with > > openssl enc -aes-256-cbc -e < FOO > FOO.aes256 > > This was serveral years ago before Libressl was invented. Now I wanted > to decrypt the docs with: > > openssl enc -aes-256-cbc -d < FOO.ae

Re: LibreSSL vs. OpenSSL enc command

Hi Jeff openssl enc -aes-256-cbc -d -md md5 < FOO.aes256 > FOO did the trick. Thank you very much. -Dieter On Wed, Dec 04, 2019 at 01:12:08PM -0500, Jeffrey Walton wrote: > On Wed, Dec 4, 2019 at 1:05 PM Dieter Rauschenberger > wrote: > > > > i have encrypted several documents with > > > > ope

Re: Using unveil(2) to block the entire file system

On Wed, 4 Dec 2019, at 18:07, Theo de Raadt wrote: > I think it is implied, if no permissions are listed. Perhaps and it may be due my inexperience with C interfaces that I didn't think to try it. I think your wording would have been enough for me to twig so I've made the patch for that instances

Re: LibreSSL vs. OpenSSL enc command

Dieter Rauschenberger: > This was serveral years ago before Libressl was invented. Now I wanted > to decrypt the docs with: > > openssl enc -aes-256-cbc -d < FOO.aes256 > FOO > > This did not work. The password did not work anymore. The default message digest function used for key derivation ch