Hi Alex, On Tue, Aug 20, 2024 at 08:09:16PM +0200, a1ex@dismail.de wrote:
Hi,
Here is an updated version of the unveil patch.
I think almost everything on the to-do list was completed, except searching for a custom wget location. I don't see an especially easy way of doing that, and it seems an unlikely edge-case for someone to remove wget from the system default location.
- Permissions have been tightened in dpis - Checking for AUTHORITY env, fallback to ~/.Xauthority - Prefs parser is aware of 'enable_unveil' - Fix some non-strict code warnings - dillorc 'enable_unveil' default setting - Formatting, whitespace fixes - ...
I have done a fair amount of testing and it works for me. Unless there is any further feedback or interest, I will leave it as-is for now.
Thanks for the patch and for the effort. I'll test it on OpenBSD and the other platforms too to ensure nothing breaks. I'll try to get it merged for the 3.2.0 release. Best, Rodrigo.