cl-openbsd-security

Common lisp bindings for OpenBSD pledge(2) and unveil(2)

Makes it easier to call pledge and unveil in a lispier way:

(obsd:pledge stdio prot-exec rpath) ;;for promisses only, no execpromisses

(obsd:pledge (stdio exec prot-exec xpath) (stdio wpath)) ;; for promisses and execpromisses

(obsd:unveil #p"/tmp" rwc)

Signals compile time errors when you make a typo

(obsd:pledge executive nonsense) ;; does not compile

(obsd:unveil #p"/home/me" read) ;; does not compile either

Install

Install with asdf: clone to ~/common-lisp or elswhere where your asdf looks, then (asdf:make :cl-openbsd-security). Not on quicklisp (yet?).

Limitations

Obviously only usable on OpenBSD. Will fail on any other OS. If you want to use this opportunistically, detect OS before use.
Works with all common lisp implementations available in OpenBSD ports for amd64:
- SBCL
- ECL
- CLISP
- ABCL (pkg-add -i jna before use or otherwise get jna on classpath)
of course the minimal set of pledges differs on different implementations

Name		Name	Last commit message	Last commit date
Latest commit History 16 Commits
README.md		README.md
cl-openbsd-security.asd		cl-openbsd-security.asd
cl-openbsd-security.lisp		cl-openbsd-security.lisp
free-tests.lisp		free-tests.lisp
test.lisp		test.lisp

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

cl-openbsd-security

Install

Limitations

About

Releases

Packages

Languages

ron-at-swgy/cl-openbsd-security

Folders and files

Latest commit

History

Repository files navigation

cl-openbsd-security

Install

Limitations

About

Resources

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages