AsiaBSDCon 2017 Secure CGI

Trivial example with pledge() sandbox

Trivial example with pledge() sandbox

    1 /* Title: Trivial example with pledge() sandbox */
    2 
    3 #include <err.h>
    4 #include <stdlib.h>
    5 #include <stdio.h>
    6 #include <unistd.h>
    7 
    /*
     * CGI entry point: enter the pledge() sandbox before doing any work, then
     * write a minimal HTTP response to stdout.
     *
     * Returns EXIT_SUCCESS once the response has been written. If pledge()
     * fails, the program exits through err() with EXIT_FAILURE instead of
     * carrying on unsandboxed.
     */
    int
    main(void)
    {
    	/*
    	 * Restrict the process to the "stdio" promise set first, so that
    	 * everything below runs inside the sandbox. Only stdout is used from
    	 * here on; the same promise would do if the program also read input.
    	 */
    	if (pledge("stdio", NULL) == -1)
    		err(EXIT_FAILURE, NULL);

    	/*
    	 * Each header line ends in CRLF and an empty CRLF line separates the
    	 * headers from the body. Write errors are not checked here.
    	 */
    	fputs("Status: 200 OK\r\n", stdout);
    	fputs("Content-Type: text/html\r\n", stdout);
    	fputs("\r\n", stdout);
    	fputs("Hello, world!\n", stdout);

    	return EXIT_SUCCESS;
    }
# Build simple-pledge.c as a statically linked binary (-static).
# NOTE(review): the listing includes only libc headers, so nothing in it
# references -lksql or -lsqlite3; presumably these flags are shared with the
# talk's other examples - confirm.
# NOTE(review): -static is presumably used so the CGI can run inside the web
# server's chroot without shared libraries - confirm against the deployment.
gcc -I/usr/local/include -static -o simple-pledge simple-pledge.c -L/usr/local/lib -lksql -lsqlite3