1# $OpenBSD: Pledge.pm,v 1.6 2021/06/09 23:21:34 afresh1 Exp $ # 2package OpenBSD::Pledge; 3 4use 5.020002; 5use strict; 6use warnings; 7 8use parent 'Exporter'; 9our @EXPORT = qw( pledge ); ## no critic 'export' 10 11our $VERSION = '0.03'; 12 13require XSLoader; 14XSLoader::load( 'OpenBSD::Pledge', $VERSION ); 15 16sub pledge 17{ 18 my (@promises) = @_; 19 20 my %seen; 21 my $promises = join q{ }, 22 sort grep { !$seen{$_}++ } ( 'stdio', @promises ); 23 24 return _pledge( $promises ); 25} 26 271; 28 29## no critic 'pod sections' 30__END__ 31 32=head1 NAME 33 34OpenBSD::Pledge - Perl interface to OpenBSD pledge(2) 35 36=head1 SYNOPSIS 37 38 use OpenBSD::Pledge; 39 40 my $file = "/usr/share/dict/words"; 41 pledge( qw( rpath ) ) || die "Unable to pledge: $!"; 42 open my $fh, '<', $file or die "Unable to open $file: $!"; 43 44 pledge() || die "Unable to pledge again: $!"; 45 print grep { /pledge/i } readline($fh); 46 close $fh; 47 48 49=head1 DESCRIPTION 50 51This module provides a perl interface to OpenBSD's L<pledge(2)> L<syscall(2)>. 52 53Once you promise that your program will only use certain syscalls 54the kernel will kill the program if it attempts to call any other 55interfaces. 56 57=head1 EXPORT 58 59Exports L</pledge> by default. 60 61=head1 FUNCTIONS 62 63=head2 pledge 64 65Perl interface to L<pledge(2)>. 66 67 pledge(@promises) 68 69The "stdio" promise is always implied, 70as L<perl(1)> itself is useless without it. 71 72Returns true on success, returns false and sets $! on failure 73 74=head1 BUGS AND LIMITATIONS 75 76Perl is particularly fond of C<stdio> so that promise is always added by 77L</pledge>. 78 79=head1 SEE ALSO 80 81L<pledge(2)> 82 83L<http://man.openbsd.org/pledge.2> 84 85=head1 AUTHOR 86 87Andrew Hewus Fresh, E<lt>afresh1@OpenBSD.orgE<gt> 88 89=head1 LICENSE AND COPYRIGHT 90 91Copyright (C) 2015,2021 by Andrew Hewus Fresh E<lt>afresh1@OpenBSD.orgE<gt> 92 93Permission to use, copy, modify, and distribute this software for any 94purpose with or without fee is hereby granted, provided that the above 95copyright notice and this permission notice appear in all copies. 96 97THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 98WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 99MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 100ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 101WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 102ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 103OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 104 105=cut 106