aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rwxr-xr-xconfigure9
-rw-r--r--sandbox.c25
2 files changed, 33 insertions, 1 deletions
diff --git a/configure b/configure
index cfec87a..eb00656 100755
--- a/configure
+++ b/configure
@@ -44,6 +44,8 @@ LEX=lex
STATIC=
YACC=yacc
+DISABLE_SANDBOX=0
+
NEED_GNU_SOURCE=0
NEED_OPENBSD_SOURCE=0
@@ -100,6 +102,11 @@ which ${YACC} 2>/dev/null 1>&2 || {
# allow certain variables to be overridden on the command line
for keyvals in "$@"; do
+ if [ "$keyvals" = "--disable-sandbox" ]; then
+ DISABLE_SANDBOX=1
+ continue
+ fi
+
key=`echo $keyvals | cut -s -d '=' -f1`
if [ -z "$key" ]; then
echo "$0: invalid key-value: $keyvals" 1>&2
@@ -287,6 +294,8 @@ echo "#include <imsg.h>"
cat <<__HEREDOC__
+#define DISABLE_SANDBOX ${DISABLE_SANDBOX}
+
#define HAVE_ERR ${HAVE_ERR}
#define HAVE_EXPLICIT_BZERO ${HAVE_EXPLICIT_BZERO}
#define HAVE_FREEZERO ${HAVE_FREEZERO}
diff --git a/sandbox.c b/sandbox.c
index a877c16..dfcb1b0 100644
--- a/sandbox.c
+++ b/sandbox.c
@@ -16,7 +16,30 @@
#include "gmid.h"
-#if defined(__FreeBSD__)
+#if DISABLE_SANDBOX
+
+#warning "Sandbox disabled! Please report issues upstream instead of disabling the sandbox."
+
+void
+sandbox_server_process(void)
+{
+ return;
+}
+
+void
+sandbox_executor_process(void)
+{
+ log_notice(NULL, "Sandbox disabled! "
+ "Please report issues upstream instead of disabling the sandbox.");
+}
+
+void
+sandbox_logger_process(void)
+{
+ return;
+}
+
+#elif defined(__FreeBSD__)
#include <sys/capsicum.h>