Hi Solène, Happy to see you here! On Sun, Jul 28, 2024 at 09:31:24PM +0200, Solène Rapenne wrote:
you should provide a command line argument to disable sandboxing, so in case of a problem users can run dillo without sandboxing and see if it works better, allowing them to figure out whether sandboxing is the root cause of their problem.
I don't think there is a need to use a command line argument, as we can add a configuration option in ~/.dillo/dillorc to disable it.
what happens if you have no ~/.dillo when you start dillo with unveil?
Dillo will first try to load ~/.dillo/dillorc; if that fails, it will try $prefix/etc/dillo/dillorc, and if that fails too, it will use the internal defaults. I propose to leave the unveil configuration option enabled by default (which will only take effect when unveil support is compiled in). To disable it for testing purposes one can edit $prefix/etc/dillo/dillorc or copy it to ~/.dillo/dillorc and change it there (this is the default workflow for other options too).
why do you need to unveil the same directories multiple times in the code?
Dillo is composed of several plugins that work as separate programs, including a Dillo plugin daemon (dpid) and several other builtin programs (dpis). Each of those programs is constrained with unveil differently, as they have different requirements. Best, Rodrigo.