priv_sep

priv_sep is a library for privilege separation. It is currently designed around pledge(2) and unveil(2) for OpenBSD-stable—that is correct, stable not current— but in the future may contain functionality for Linux's seccomp(2).

Pledge

The execpromises parameter of pledge(2) is very rarely used, so this crate's pledge function takes only Promises and passes no execpromises.

Unveil

Unlike pledge(2), which accepts a large number of promises, unveil(2) accepts at most four permissions. For this reason there is a dedicated function for each number of Permissions.

Errors

Any error returned from the underlying system call is propagated as a c_int. Note that both pledge(2) and unveil(2) ignore duplicates, so it is not an error to pass duplicate values to their corresponding functions in this crate.
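The three sections above describe the shape of the wrapper: a promise set that tolerates duplicates, an unveil permission set that can never exceed four entries, and the raw errno as the error value. The following is an added example, not priv_sep's own code: it models that design with hypothetical `Promise`/`Permission` enums, a `PrivSepError` type and `pledge_promises`/`unveil_path` functions (all names assumed for illustration), and it generalises the crate's per-count unveil functions to a slice that is deduplicated before the call. The real syscalls are declared only on the OpenBSD target; elsewhere the wrapper reports `Unsupported`.

```rust
// Added example (not priv_sep's own code): a minimal model of a typed
// pledge(2)/unveil(2) wrapper. All type, function and error names here are
// assumptions for illustration and do not reflect the crate's real API.
use std::collections::BTreeSet;
use std::ffi::CString;
use std::os::raw::c_int;

/// Errno of a failed syscall, an interior NUL in a path, or no pledge/unveil
/// on this platform.
#[derive(Debug, PartialEq, Eq)]
pub enum PrivSepError {
    Os(c_int),
    InteriorNul,
    Unsupported,
}

/// A subset of pledge(2) promises (hypothetical variant list).
#[derive(Clone, Copy, Debug, PartialEq, Eq, PartialOrd, Ord)]
pub enum Promise { Stdio, Rpath, Wpath, Cpath, Inet, Unix, Dns, Proc, Exec }

impl Promise {
    fn as_str(self) -> &'static str {
        match self {
            Promise::Stdio => "stdio", Promise::Rpath => "rpath", Promise::Wpath => "wpath",
            Promise::Cpath => "cpath", Promise::Inet => "inet", Promise::Unix => "unix",
            Promise::Dns => "dns", Promise::Proc => "proc", Promise::Exec => "exec",
        }
    }
}

/// Builds the space-separated promise string pledge(2) expects. Repeated
/// promises collapse into one entry (the kernel ignores duplicates anyway);
/// BTreeSet orders by variant declaration, so equal sets give equal strings.
pub fn promise_string(promises: &[Promise]) -> String {
    let set: BTreeSet<Promise> = promises.iter().copied().collect();
    set.iter().map(|p| p.as_str()).collect::<Vec<_>>().join(" ")
}

/// The four unveil(2) permissions: read, write, create/remove, execute.
#[derive(Clone, Copy, Debug, PartialEq, Eq, PartialOrd, Ord)]
pub enum Permission { Read, Write, Create, Exec }

impl Permission {
    fn as_char(self) -> char {
        match self {
            Permission::Read => 'r', Permission::Write => 'w',
            Permission::Create => 'c', Permission::Exec => 'x',
        }
    }
}

/// Builds the permission string for unveil(2). Only four permissions exist,
/// so any input slice dedupes to at most four characters.
pub fn permission_string(perms: &[Permission]) -> String {
    let set: BTreeSet<Permission> = perms.iter().copied().collect();
    set.iter().map(|p| p.as_char()).collect()
}

#[cfg(target_os = "openbsd")]
mod sys {
    use std::os::raw::{c_char, c_int};
    extern "C" {
        pub fn pledge(promises: *const c_char, execpromises: *const c_char) -> c_int;
        pub fn unveil(path: *const c_char, permissions: *const c_char) -> c_int;
    }
    /// errno of the most recent failed libc call.
    pub fn errno() -> c_int {
        std::io::Error::last_os_error().raw_os_error().unwrap_or(-1)
    }
}

/// Restricts the calling process to `promises`; execpromises is passed as
/// NULL because it is rarely needed.
pub fn pledge_promises(promises: &[Promise]) -> Result<(), PrivSepError> {
    let s = CString::new(promise_string(promises)).map_err(|_| PrivSepError::InteriorNul)?;
    #[cfg(target_os = "openbsd")]
    {
        // SAFETY: `s` is a valid NUL-terminated string that outlives the call.
        if unsafe { sys::pledge(s.as_ptr(), std::ptr::null()) } != 0 {
            return Err(PrivSepError::Os(sys::errno()));
        }
        Ok(())
    }
    #[cfg(not(target_os = "openbsd"))]
    {
        let _ = s;
        Err(PrivSepError::Unsupported)
    }
}

/// Exposes `path` to the process with exactly the given permissions.
pub fn unveil_path(path: &str, perms: &[Permission]) -> Result<(), PrivSepError> {
    let p = CString::new(path).map_err(|_| PrivSepError::InteriorNul)?;
    let s = CString::new(permission_string(perms)).map_err(|_| PrivSepError::InteriorNul)?;
    #[cfg(target_os = "openbsd")]
    {
        // SAFETY: both pointers are valid NUL-terminated strings for the call.
        if unsafe { sys::unveil(p.as_ptr(), s.as_ptr()) } != 0 {
            return Err(PrivSepError::Os(sys::errno()));
        }
        Ok(())
    }
    #[cfg(not(target_os = "openbsd"))]
    {
        let _ = (p, s);
        Err(PrivSepError::Unsupported)
    }
}
```

Because the strings are built from closed enums rather than free-form text, a caller cannot misspell a promise and silently run with broader privileges than intended; the same property is what a typed Promises/Permissions API in the crate buys over passing raw `&str` to the syscalls.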

Status

This package will be actively maintained to stay in sync with the latest version of OpenBSD-stable; as a result, the crate is only tested on the x86_64-unknown-openbsd target. While OpenBSD supports both the most recent (stable) release and the previous release, only the most recent release is supported by this library. For that reason, any removal of a promise in a subsequent release of pledge(2) will be a breaking change in this library, as the corresponding Promise variant will be removed.

Building and testing

```bash
laptop$ git clone https://git.philomathiclife.com/repos/privsep
Cloning into 'privsep'...
laptop$ cd privsep/
laptop$ cargo build --release
    Updating crates.io index
   Compiling semver v1.0.18
   Compiling libc v0.2.147
   Compiling rustcversion v0.4.0
   Compiling privsep v0.3.0 (/home/zack/privsep)
    Finished release [optimized] target(s) in 1.90s
laptop$ cargo t
   Compiling semver v1.0.18
   Compiling libc v0.2.147
   Compiling rustcversion v0.4.0
   Compiling privsep v0.3.0 (/home/zack/privsep)
    Finished test [unoptimized + debuginfo] target(s) in 1.43s
     Running unittests src/lib.rs (target/debug/deps/privsep-dcb151b099a76f20)

running 1 test
test tests::test ... ok

test result: ok. 1 passed; 0 failed; 0 ignored; 0 measured; 0 filtered out; finished in 0.00s

   Doc-tests priv_sep

running 0 tests

test result: ok. 0 passed; 0 failed; 0 ignored; 0 measured; 0 filtered out; finished in 0.00s
```