fortify: replace direct syscall with prctl wrapper
test / test (push) Successful in 20s
Details
test / test (push) Successful in 20s
Details
Signed-off-by: Ophestra Umiker <cat@ophivana.moe>
This commit is contained in:
parent
584732f80a
commit
422d8e00d5
8
main.go
8
main.go
|
@ -2,8 +2,8 @@ package main
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"flag"
|
"flag"
|
||||||
"syscall"
|
|
||||||
|
|
||||||
|
"git.ophivana.moe/security/fortify/internal"
|
||||||
"git.ophivana.moe/security/fortify/internal/app"
|
"git.ophivana.moe/security/fortify/internal/app"
|
||||||
"git.ophivana.moe/security/fortify/internal/fmsg"
|
"git.ophivana.moe/security/fortify/internal/fmsg"
|
||||||
"git.ophivana.moe/security/fortify/internal/linux"
|
"git.ophivana.moe/security/fortify/internal/linux"
|
||||||
|
@ -20,9 +20,9 @@ func init() {
|
||||||
var os = new(linux.Std)
|
var os = new(linux.Std)
|
||||||
|
|
||||||
func main() {
|
func main() {
|
||||||
// linux/sched/coredump.h
|
if err := internal.PR_SET_DUMPABLE__SUID_DUMP_DISABLE(); err != nil {
|
||||||
if _, _, errno := syscall.RawSyscall(syscall.SYS_PRCTL, syscall.PR_SET_DUMPABLE, 0, 0); errno != 0 {
|
fmsg.Printf("cannot set SUID_DUMP_DISABLE: %s", err)
|
||||||
fmsg.Printf("cannot set SUID_DUMP_DISABLE: %s", errno.Error())
|
// not fatal: this program runs as the privileged user
|
||||||
}
|
}
|
||||||
|
|
||||||
flag.Parse()
|
flag.Parse()
|
||||||
|
|
Loading…
Reference in New Issue