tvote.c: progressively tighten pledge(2) - vote - simple cgi voting system for … | |
git clone git://src.adamsgaard.dk/vote | |
Log | |
Files | |
Refs | |
README | |
LICENSE | |
--- | |
commit d87240294456e9516fdd64fc6d6f02aa5e6bfadf | |
parent 6cf52771bc127fbf083ca9badeeac6dba89d65fb | |
Author: Anders Damsgaard <[email protected]> | |
Date: Mon, 28 Sep 2020 15:49:02 +0200 | |
vote.c: progressively tighten pledge(2) | |
Diffstat: | |
M vote.c | 17 ++++++++++++++--- | |
1 file changed, 14 insertions(+), 3 deletions(-) | |
--- | |
diff --git a/vote.c b/vote.c | |
t@@ -209,6 +209,11 @@ show_poll(const char *poll, int vote) | |
{ | |
FILE *fp; | |
+ if (pledge("stdio rpath", NULL) == -1) { | |
+ http_status(500); | |
+ err(1, "show_poll: pledge"); | |
+ } | |
+ | |
if (!(fp = fopen(pollfile(poll, ""), "r"))) { | |
http_status(404); | |
exit(1); | |
t@@ -226,6 +231,11 @@ list_polls() | |
int fts_options = FTS_COMFOLLOW | FTS_LOGICAL | FTS_NOCHDIR; | |
char *paths[] = { (char*)POLLS_DIR, NULL }; | |
+ if (pledge("stdio rpath", NULL) == -1) { | |
+ http_status(500); | |
+ err(1, "list_polls: pledge"); | |
+ } | |
+ | |
if ((ftsp = fts_open(paths, fts_options, NULL)) == NULL) { | |
http_status(500); | |
err(1, "list_polls: fts_open"); | |
t@@ -316,14 +326,15 @@ print_poll_create_form() | |
"</tr>\n" | |
"<tr>\n" | |
" <td width=\"100%\" class=\"input\">\n" | |
- " <input type=\"text\" name=\"question\" " | |
- "placeholder=\"Question\" size=\"60\" class=\"question\" />\n" | |
+ " <textarea rows=\"3\" cols=\"60\" name=\"quest… | |
+ "placeholder=\"Question (first line is header)\" " | |
+ "class=\"question\"></textarea>\n" | |
" </td>\n" | |
"</tr>\n" | |
"<tr>\n" | |
" <td width=\"100%\" class=\"input\">\n" | |
" <textarea rows=\"5\" cols=\"60\" name=\"options\" " | |
- "placeholder=\"Options (1 per line)\"></textarea>\n" | |
+ "placeholder=\"Options (one per line)\" class=\"options\"></te… | |
" </td>\n" | |
"</tr>\n" | |
"<tr>\n" |