-
Notifications
You must be signed in to change notification settings - Fork 3.3k
/
darwin_priv.c
28 lines (24 loc) · 713 Bytes
/
darwin_priv.c
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
#include <stdlib.h>
#include <stdio.h>
#include <string.h>
#include <sandbox.h>
#include "memcached.h"
#pragma clang diagnostic push
#pragma clang diagnostic ignored "-Wdeprecated-declarations"
/*
* the sandbox api is marked deprecated, however still used
* by couple of major softwares/libraries like openssh
*/
void drop_privileges(void) {
extern char *__progname;
char *error = NULL;
if (sandbox_init(kSBXProfileNoInternet, SANDBOX_NAMED, &error) < 0) {
fprintf(stderr, "%s: sandbox_init: %s\n", __progname, error);
sandbox_free_error(error);
exit(EXIT_FAILURE);
}
}
#pragma clang diagnostic pop
void setup_privilege_violations_handler(void) {
// not needed
}