unveil_openbsd.go (1217B)
1 // Copyright 2018 The Go Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style 3 // license that can be found in the LICENSE file. 4 5 package unix 6 7 import "fmt" 8 9 // Unveil implements the unveil syscall. 10 // For more information see unveil(2). 11 // Note that the special case of blocking further 12 // unveil calls is handled by UnveilBlock. 13 func Unveil(path string, flags string) error { 14 if err := supportsUnveil(); err != nil { 15 return err 16 } 17 pathPtr, err := BytePtrFromString(path) 18 if err != nil { 19 return err 20 } 21 flagsPtr, err := BytePtrFromString(flags) 22 if err != nil { 23 return err 24 } 25 return unveil(pathPtr, flagsPtr) 26 } 27 28 // UnveilBlock blocks future unveil calls. 29 // For more information see unveil(2). 30 func UnveilBlock() error { 31 if err := supportsUnveil(); err != nil { 32 return err 33 } 34 return unveil(nil, nil) 35 } 36 37 // supportsUnveil checks for availability of the unveil(2) system call based 38 // on the running OpenBSD version. 39 func supportsUnveil() error { 40 maj, min, err := majmin() 41 if err != nil { 42 return err 43 } 44 45 // unveil is not available before 6.4 46 if maj < 6 || (maj == 6 && min <= 3) { 47 return fmt.Errorf("cannot call Unveil on OpenBSD %d.%d", maj, min) 48 } 49 50 return nil 51 }