add documentation

octeep 2022-04-01 00:47:14 +01:00 committed by octeep
parent 50ba66c898
commit 4b3bcb80ea
4 changed files with 72 additions and 31 deletions


@ -11,8 +11,11 @@ import (
"suah.dev/protect"
)
// an argument to denote that this process was spawned by -d
const daemonProcess = "daemon-process"
// attempts to pledge and panic if it fails
// this does nothing on non-OpenBSD systems
func pledgeOrPanic(promises string) {
err := protect.Pledge(promises)
if err != nil {
@ -21,6 +24,7 @@ func pledgeOrPanic(promises string) {
}
func main() {
// only allow standard stdio operation, file reading, networking, and exec
pledgeOrPanic("stdio rpath inet dns proc exec")
isDaemonProcess := len(os.Args) > 1 && os.Args[1] == daemonProcess
@ -80,7 +84,7 @@ func main() {
return
}
// no file access is allowed from now on
// no file access is allowed from now on, only networking
pledgeOrPanic("stdio inet dns")
tnet, err := wireproxy.StartWireguard(conf.Device)
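Review bot: The rewritten comment before `pledgeOrPanic("stdio inet dns")` states unconditionally that no file access is allowed from that point, but the comment added on `pledgeOrPanic` in the first hunk says the call does nothing on non-OpenBSD systems, so the guarantee holds only on OpenBSD. I would word it as `// OpenBSD only: drop rpath, proc and exec; from here on the process keeps stdio and networking`, so that readers on other platforms do not assume a sandbox is in place. The comment on the first pledge in `main` also leaves out the `proc` promise; `// allow stdio, file reading, networking, and fork/exec` would match the promise string. Both calls sit inside `main`, whose body starts and ends outside the hunks shown.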