-rw-r--r--Cargo.lock20
-rw-r--r--Cargo.toml2
-rw-r--r--README.md7
-rw-r--r--src/main.rs23
4 files changed, 49 insertions, 3 deletions
diff --git a/Cargo.lock b/Cargo.lock
index 080fcbf..2b434ca 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -420,6 +420,15 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "8b870d8c151b6f2fb93e84a13146138f05d02ed11c7e7c54f8826aaaf7c9f184"
[[package]]
+name = "pledge"
+version = "0.4.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "252599417b7d9a43b7fdc63dd790b0848666a8910b2ebe1a25118309c3c981e5"
+dependencies = [
+ "libc",
+]
+
+[[package]]
name = "postgres"
version = "0.18.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
@@ -483,9 +492,11 @@ version = "0.1.0"
dependencies = [
"dotenv",
"dumb_cgi",
+ "pledge",
"postgres",
"rand 0.8.5",
"regex",
+ "unveil",
"url",
]
@@ -757,6 +768,15 @@ dependencies = [
]
[[package]]
+name = "unveil"
+version = "0.3.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "5e7fa867d559102001ec694165ed17d5f82e95213060a65f9c8b6280084bbfec"
+dependencies = [
+ "libc",
+]
+
+[[package]]
name = "url"
version = "2.4.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
diff --git a/Cargo.toml b/Cargo.toml
index 2132b6b..9f9ea0a 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -12,3 +12,5 @@ regex = "1"
dotenv = "0.15"
url = "2"
rand = "0.8.5"
+unveil = "0.3"
+pledge = "0.4"
diff --git a/README.md b/README.md
index 73d6484..bc3662f 100644
--- a/README.md
+++ b/README.md
@@ -1,12 +1,13 @@
# purl-rs
A simple URL-shortener in Rust.
-I created this URL-shortener because it turned out that my previous one, `purl`,
-which was written i perl, was impractical to run in a `chroot` environment.
+I created this URL-shortener because it turned out that my previous one,
+[`purl`](https://git.dnns.no/purl/about/), which was written i perl, was
+impractical to run in a `chroot` environment.
This new one, written in [Rust](https://www.rust-lang.org/), has far fewer
dependencies to worry about in a `chroot` environment. It is written as a
-replacement for the old `purl`, and therefor uses
+replacement for the old `purl`, and uses
[CGI](https://en.wikipedia.org/wiki/Common_Gateway_Interface).
I use Nginx as my web-proxy, and run the cgi-binaries through
diff --git a/src/main.rs b/src/main.rs
index 638a9a0..ab5a1d4 100644
--- a/src/main.rs
+++ b/src/main.rs
@@ -16,14 +16,19 @@ use std::process::exit;
use dotenv;
use postgres::{Client, NoTls};
use dumb_cgi::{Request, EmptyResponse, Query};
+use pledge::pledge_promises;
use rand::{thread_rng, Rng, distributions::Alphanumeric};
use regex::Regex;
+use unveil::unveil;
use url::Url;
// Do the dirty
fn main() {
+ // Let's drop some privileges before we do anything else
+ drop_privs();
+
// Get variables from dotenv, or use defaults
let dburl:&str = &dotenv::var("DATABASE_URL").unwrap_or("postgresql://localhost/purl-rs".to_string());
let create_uri:&str = &dotenv::var("CREATE_URI").unwrap_or("/create".to_string());
@@ -267,4 +272,22 @@ fn check_short(short:&str) -> bool {
}
+//
+// Drop privileges
+//
+fn drop_privs() {
+ // Restrict what files we can access. See unveil(2)
+ unveil(".env", "r")
+ .or_else(unveil::Error::ignore_platform)
+ .unwrap();
+ unveil("", "")
+ .or_else(unveil::Error::ignore_platform)
+ .unwrap();
+
+ // Restrict what system calls we can access. See pledge(2)
+ pledge_promises![Stdio Rpath Inet Dns]
+ .or_else(pledge::Error::ignore_platform)
+ .unwrap();
+}
+
// end of file
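Review bot: The promise set on the `pledge_promises![Stdio Rpath Inet Dns]` line allows TCP only, so a `DATABASE_URL` that points the `postgres` client at a Unix-domain socket will fail at connect time once pledged; if that configuration is meant to work, add `Unix` and unveil the socket directory before the `unveil("", "")` lock, otherwise document the TCP-only constraint. Related, `unveil(".env", "r")` is resolved against the current working directory, so the CGI runner must start the binary in the directory holding `.env`, and resolving `localhost` presumably needs `/etc/hosts` or `/etc/resolv.conf` readable unless the platform exempts them after the lock — worth confirming on a live OpenBSD host rather than assuming. Since nothing after the `unveil("", "")` call can open a new path, I would say so in the header comment: `// Must run before any file or network I/O; after the unveil lock only .env (read-only) is visible.`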