Solderpunk
eb85a6e94c
Another big refactor, splitting the Config struct in two.
...
The split reflects that between variables which can and cannot be
overridden by .molly files, and this greatly simplifies the
processing of said files, getting rid of the need for lots of
ugly temporary variable thrashing.
2023-02-25 11:29:13 +01:00
Solderpunk
8d1a04cb27
Fix minor bugs on OpenBSD-only code, after discovering easy of cross-compilation in Go.
2023-02-22 21:16:11 +01:00
Solderpunk
7a89b307a1
Just use the log package's default logger as the error log.
2023-02-19 15:04:34 +01:00
Solderpunk
072669a167
Avoid use of log.Fatal() or os.Exit() in main so defers are guaranteed to run.
2023-02-19 14:40:54 +01:00
Solderpunk
7fad754ff2
Drop privileges much more thoroughly, thanks nervuri! (see issue #16 )
2023-02-19 13:17:24 +01:00
Solderpunk
8372142843
Add support for chroot()ing server early after startup, more work toward issue #16 .
2023-02-15 21:10:22 +01:00
Solderpunk
4e6a8fcd05
Use setuid() systemcall wherever possible to reduce privileges before accepting network connections. First step toward solving issue #16 .
2023-02-13 20:26:52 +01:00
kvothe
1c0fb0d856
Fixed a typo in the OpenBSD enableSecurityRestrictions docs.
2020-09-16 23:49:03 -04:00
kvothe
fb77a13088
Finished the OpenBSD pledge/unveil implementation after testing SCGI procs.
2020-09-16 23:24:41 -04:00
kvothe
69a253f820
Tested unveiling CGI dirs and globs as executable.
2020-09-15 22:14:12 -04:00
kvothe
03ca12d0c1
First pass at a pledge/unveil implementation for OpenBSD.
2020-09-14 22:21:05 -04:00