From ff574f6412e6b289ed86b52d9f44398e4e0bc1d0 Mon Sep 17 00:00:00 2001
From: Michael Santos <michael.santos@gmail.com>
Date: Tue, 6 Jun 2023 06:12:56 -0400
Subject: [PATCH] capsicum: disable fs writes

Use RLIMIT_FSIZE to disable writes to the filesystem when stdout is not
a regular file.
---
 src/restrict_process_capsicum.c | 13 ++++++++++++-
 src/xmppipe.h                   |  2 +-
 2 files changed, 13 insertions(+), 2 deletions(-)

diff --git a/src/restrict_process_capsicum.c b/src/restrict_process_capsicum.c
index f466ba6..a86fae7 100644
--- a/src/restrict_process_capsicum.c
+++ b/src/restrict_process_capsicum.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2017-2020, Michael Santos <michael.santos@gmail.com>
+/* Copyright (c) 2017-2023, Michael Santos <michael.santos@gmail.com>
  *
  * Permission to use, copy, modify, and/or distribute this software for any
  * purpose with or without fee is hereby granted, provided that the above
@@ -16,8 +16,10 @@
 #include <sys/capsicum.h>
 #include <sys/param.h>
 #include <sys/resource.h>
+#include <sys/stat.h>
 #include <sys/time.h>
 #include <sys/types.h>
+#include <unistd.h>
 
 #include <errno.h>
 
@@ -25,6 +27,15 @@
 
 int restrict_process_init(xmppipe_state_t *state) {
   struct rlimit rl = {0};
+  struct stat sb = {0};
+
+  if (fstat(STDOUT_FILENO, &sb) < 0)
+    return -1;
+
+  if (!S_ISREG(sb.st_mode)) {
+    if (setrlimit(RLIMIT_FSIZE, &rl) < 0)
+      return -1;
+  }
 
   return setrlimit(RLIMIT_NPROC, &rl);
 }
diff --git a/src/xmppipe.h b/src/xmppipe.h
index 0cad4fc..e88079b 100644
--- a/src/xmppipe.h
+++ b/src/xmppipe.h
@@ -27,7 +27,7 @@
 #include "strtonum.h"
 #endif
 
-#define XMPPIPE_VERSION "0.14.7"
+#define XMPPIPE_VERSION "0.14.8"
 #define XMPPIPE_RESOURCE "xmppipe"
 
 #define XMPPIPE_STREQ(a, b) (strcmp((a), (b)) == 0)