Added an unveil() call for "/tmp".

It seems that it's needed for shm_open() to succeed,
whatever the first argument points to.

No idea why.
This commit is contained in:
default 2024-01-11 11:07:07 +01:00
parent 2693c081b4
commit 32ce4b0659

1
data.c
View file

@ -111,6 +111,7 @@ int srv_open(char *basedir, int auto_upgrade)
else { else {
srv_debug(1, xs_fmt("Calling unveil()")); srv_debug(1, xs_fmt("Calling unveil()"));
unveil(basedir, "rwc"); unveil(basedir, "rwc");
unveil("/tmp", "rwc");
unveil("/usr/sbin/sendmail", "x"); unveil("/usr/sbin/sendmail", "x");
unveil("/etc/resolv.conf", "r"); unveil("/etc/resolv.conf", "r");
unveil("/etc/hosts", "r"); unveil("/etc/hosts", "r");