Capsicum/Capabilities

btree/bprompt.c

@@ -11,6 +11,9 @@
 #include <getopt.h>
 #include <sys/stat.h>
 #include "bcompare.h"
+#include <sys/capsicum.h>
+
+
 
 /* yacc */
 int yyparse(void);
@@ -138,6 +141,7 @@ int dbget(size_t key)
 
 int main(int argc, char *argv[])
 {
+	cap_rights_t rights_wr;
 	char *dbname = NULL;
 	char buf[PATH_MAX];
 	/* btree */
@@ -170,10 +174,20 @@ int main(int argc, char *argv[])
 	}
 
 	type.compare = compare;
+
 	btreedb= dbopen(dbname, O_CREAT | O_RDWR, S_IRUSR | S_IWUSR, DB_BTREE, &type);
+	if (btreedb == NULL)
+		err(EXIT_FAILURE, "Failed to create database.");
+
+	if (cap_enter() < 0)
+		err(EXIT_FAILURE, "cap_enter() failed");
+
+	cap_rights_init(&rights_wr, CAP_READ, CAP_FSTAT, CAP_SEEK, CAP_WRITE);
+	if (btreedb->fd(btreedb) < 0)
+		errx(EXIT_FAILURE, "No database access");
 
-	if (!btreedb)
-		err(EXIT_FAILURE, "Database unreachable:");
+	if (cap_rights_limit(btreedb->fd(btreedb), &rights_wr) < 0)
+		err(EXIT_FAILURE, "cap_rights_limit() failed");
 
 	while (!do_quit) {
 		yyparse();

dummy/pepper2.c

@@ -35,11 +35,13 @@ static void worm(WINDOW *win, int x, int y, char c0, char repl)
 	mvwaddch(win, y + 1, x + 1, c0);
 	wattroff(win, A_REVERSE);
 	if (ac != '*') {
+		int colnum = 4;
+
 		if (ac != '.')
-			wattron(win, COLOR_PAIR(1));
+			colnum = 1;
+		wattron(win, COLOR_PAIR(colnum));
 		mvwaddch(win, ay, ax, ac);
-		if (ac != ' ')
-			wattroff(win, COLOR_PAIR(1));
+		wattroff(win, COLOR_PAIR(colnum));
 	}
 	wrefresh(win);
 	ax = x + 1;
@@ -236,9 +238,10 @@ int main(int argc, char *argv[])
 	wrefresh(winR);
 
 	start_color();
-	init_pair(1, COLOR_RED, COLOR_BLACK);
+	init_pair(1, COLOR_RED, COLOR_GREEN);
 	init_pair(2, COLOR_BLACK, COLOR_MAGENTA);
 	init_pair(3, COLOR_BLUE, COLOR_BLUE);
+	init_pair(4, COLOR_YELLOW, COLOR_GREEN);
 	print_it(a);
 	r = get_it(&a);
 	dallocx(r, 0);