From mboxrd@z Thu Jan  1 00:00:00 1970
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on inbox.vuxu.org
X-Spam-Level: 
X-Spam-Status: No, score=-0.1 required=5.0 tests=DKIM_SIGNED,DKIM_VALID,
	DKIM_VALID_AU,FREEMAIL_FROM,T_SCC_BODY_TEXT_LINE autolearn=ham
	autolearn_force=no version=3.4.4
Received: (qmail 32564 invoked from network); 28 May 2022 21:49:39 -0000
Received: from 9front.inri.net (168.235.81.73)
  by inbox.vuxu.org with ESMTPUTF8; 28 May 2022 21:49:39 -0000
Received: from mail-oa1-f52.google.com ([209.85.160.52]) by 9front; Sat May 28 17:48:01 -0400 2022
Received: by mail-oa1-f52.google.com with SMTP id 586e51a60fabf-f16a3e0529so9860135fac.2
        for <9front@9front.org>; Sat, 28 May 2022 14:47:57 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20210112;
        h=from:message-id:to:subject:date:in-reply-to:mime-version
         :content-transfer-encoding;
        bh=LXO04wKD/Vmcyjs6y+NV3C3+hJnhVl30A/dW+l9hdZI=;
        b=OaCY3RihblmOXDC5HL01by36xHdCW4QYt+bFUF7NfyZd01ulUV+OYznRnXjRIM+dO0
         CUPvZv+VrOJlDY3DAjCdknsm1lm7MTipeEin4xcJMknnM+k83XAgfyMftNYUB/VWmxCr
         5155sXhgwhA9f+INzdakf4K7/D1+1YrjQpVbeLXjjift9fqqV7Z4S0qtyucWB9NfcTXX
         RGMAyAzjFC4EOF/ALnWmKwp974fjv2yugr+2SeXnxYQq3Gx0jjPTF4Ta8vZVqBW8lwOc
         vixFjM3a0A44d9nFKOrAZL+Zy0oVGZ7tc3/meLyDk6BO6uq748vZkEoiZTM756aOgftw
         Ug9Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=x-gm-message-state:from:message-id:to:subject:date:in-reply-to
         :mime-version:content-transfer-encoding;
        bh=LXO04wKD/Vmcyjs6y+NV3C3+hJnhVl30A/dW+l9hdZI=;
        b=TNBvbeZvRYeiscHwomFNV/Aqg1enzpMExyG6g0nYM4EC2mvygVW0OSDiwFoemnK5Wb
         psA1Nda1yIUjkLKlnR9Ppdr4WhHcVhdIVeiu/ZzKjef+zyO8oQRrhPfKNYS9XgTlxtj3
         JaauXHCIghUX5B7AvgMIM3m2hF0Rd7calDSeQL8sCyImLmD4Ktjz9GoqyYAUSCgzjrTr
         zPBn3N3TRQ4YFwZrcCoFqR5DDSIgpru9HChGZ3f2yAYn/Qwo7xzF4C2rdx1fMMPEwDa8
         PS+xJaKKZjGo8LcKL8/BOVSKkoTUeEeP3yipsDJOLA7McGE0UzZ4z7PuIgIOq+K1PLSp
         56Pg==
X-Gm-Message-State: AOAM533IbsKtj49biGty1e7ReHBPDHBLsGuU51/G5amuR4foBZiIeUK1
	eEmgMg5aVbnxhX4xO4gMvRyi7eD7ZGA=
X-Google-Smtp-Source: ABdhPJwUNy0GY8R/m4YYiM5h08qXruL0dX3oLM3Fc9Xu1cBYe4FqsKpFlUiC+lPRnhE7pp7LivdgiQ==
X-Received: by 2002:a05:6871:79a:b0:f2:cea2:607 with SMTP id o26-20020a056871079a00b000f2cea20607mr6827426oap.17.1653774477240;
        Sat, 28 May 2022 14:47:57 -0700 (PDT)
Return-Path: <covertusername967@gmail.com>
Received: from pi9cpu.covert9net (192-063-133-186.res.spectrum.com. [192.63.133.186])
        by smtp.gmail.com with ESMTPSA id f16-20020a4ad810000000b0035ef3da8387sm3365819oov.4.2022.05.28.14.47.56
        for <9front@9front.org>
        (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256);
        Sat, 28 May 2022 14:47:56 -0700 (PDT)
From: covertusername967@gmail.com
X-Google-Original-From: glenda@gmail.com
Message-ID: <A4506501742668E390FAB1B47E368397@gmail.com>
To: 9front@9front.org
Date: Sat, 28 May 2022 16:47:55 -0500
In-Reply-To: <B5973797B8A9E12627CD8864FA2009CD@eigenstate.org>
MIME-Version: 1.0
Content-Type: text/plain; charset="US-ASCII"
Content-Transfer-Encoding: 7bit
List-ID: <9front.9front.org>
List-Help: <http://lists.9front.org>
X-Glyph: ➈
X-Bullshit: lossless component property rails 
Subject: Re: [9front] git: use new /dev/drivers for privdrop
Reply-To: 9front@9front.org
Precedence: bulk

Quoth ori@eigenstate.org:
> This needs to be held off for a bit, but it seems
> like a good idea: we shouldn't need any devices at
> all for this code, so let's not keep them.
> 
> ddiff 01a6de812c2fd38c9a28036300e3c2c7dc8441f5 uncommitted
> --- a/sys/src/cmd/git/serve.c
> +++ b/sys/src/cmd/git/serve.c
> @@ -5,7 +5,7 @@
>  
>  #include "git.h"
>  
> -char	*pathpfx = nil;
> +char	*pathpfx = "/";
>  int	allowwrite;
>  
>  int
> @@ -469,6 +469,22 @@
>  	return 0;
>  }
>  
> +void
> +privdrop(void)
> +{
> +	int fd;
> +
> +	if(rfork(RFNAMEG) == -1)
> +		sysfatal("rfork: %r");
> +	if((fd = open("#c/drivers", OWRITE)) == -1)
> +		sysfatal("open drivers: %r");
> +	if(bind(pathpfx, "/", MREPL) == -1)
> +		sysfatal("bind: %r");
> +	if(write(fd, "chdev &", strlen("chdev &")) == -1)
> +		sysfatal("drop permissions: %r");
> +	close(fd);
> +}
> +
>  char*
>  parsecmd(char *buf, char *cmd, int ncmd)
>  {
> @@ -518,15 +534,8 @@
>  	}ARGEND;
>  
>  	gitinit();
> +	privdrop();
>  	interactive = 0;
> -	if(rfork(RFNAMEG) == -1)
> -		sysfatal("rfork: %r");
> -	if(pathpfx != nil){
> -		if(bind(pathpfx, "/", MREPL) == -1)
> -			sysfatal("bind: %r");
> -	}
> -	if(rfork(RFNOMNT) == -1)
> -		sysfatal("rfork: %r");
>  
>  	initconn(&c, 0, 1);
>  	if(readpkt(&c, buf, sizeof(buf)) == -1)
> 

Correct me if i'm wrong, but if i remember correctly, wasn't git9 intended to be compatible with 9legacy as well as 9front? Won't this break compatibility?