diff options
| author | Kristaps Dzonsons <kristaps@bsd.lv> | 2016-07-12 05:18:38 +0000 |
|---|---|---|
| committer | Kristaps Dzonsons <kristaps@bsd.lv> | 2016-07-12 05:18:38 +0000 |
| commit | 64b286c7df62ada31dfaeaaf812bce0a0a217325 (patch) | |
| tree | 3ca968b1830a5a9a2feb52d20eb31486642ce175 /main.c | |
| parent | 7c248f50d315de6e082833a448c2ce9d69b6773b (diff) | |
| download | mandoc-64b286c7df62ada31dfaeaaf812bce0a0a217325.tar.gz | |
Add support for Mac OS X's sandbox_init(3) sandbox functionality, which
is marked as DEPRECATED in OS X after 2011 or so, but has not been
removed and has no replacement.
ok schwarze@
Diffstat (limited to 'main.c')
| -rw-r--r-- | main.c | 8 |
1 files changed, 8 insertions, 0 deletions
@@ -30,6 +30,9 @@ #include <errno.h> #include <fcntl.h> #include <glob.h> +#if HAVE_SANDBOX_INIT +#include <sandbox.h> +#endif #include <signal.h> #include <stdio.h> #include <stdint.h> @@ -159,6 +162,11 @@ main(int argc, char *argv[]) err((int)MANDOCLEVEL_SYSERR, "pledge"); #endif +#if HAVE_SANDBOX_INIT + if (sandbox_init(kSBXProfileNoInternet, SANDBOX_NAMED, NULL) == -1) + errx((int)MANDOCLEVEL_SYSERR, "sandbox_init"); +#endif + /* Search options. */ memset(&conf, 0, sizeof(conf)); |