Add env var for setting `no_new_privs` process bit on Linux

If set, this will apply to all processes launched by the config sentinel, directly or transitively. This is a one-way toggle. See https://www.kernel.org/doc/Documentation/prctl/no_new_privs.txt
author: Tor Brede Vekterli <vekterli@yahooinc.com> 2023-10-10 09:32:47 +0000
committer: Tor Brede Vekterli <vekterli@vespa.ai> 2023-11-14 12:33:08 +0000
commit: 51ff36cb354317b5c7911e13c351e009353a321c (patch)
tree: 03d6a953008648b003e9a83a13eefc62bdb36df1 /configd/src/apps/sentinel/sentinel.cpp
parent: 26afaf784280bb86d278adcf1b93ac4e912c0fb0 (diff)
1 files changed, 3 insertions, 0 deletions
diff --git a/configd/src/apps/sentinel/sentinel.cpp b/configd/src/apps/sentinel/sentinel.cpp
index 59c690275c3..4f1d6019065 100644
--- a/configd/src/apps/sentinel/sentinel.cpp
+++ b/configd/src/apps/sentinel/sentinel.cpp
@@ -1,6 +1,7 @@
 // Copyright Vespa.ai. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root.
 
 #include "manager.h"
+#include "platform-specific.h"
 #include <vespa/config/common/exceptions.h>
 #include <vespa/vespalib/util/signalhandler.h>
 #include <vespa/vespalib/util/exceptions.h>
@@ -58,6 +59,8 @@ main(int argc, char **argv)
     }
     setlocale(LC_ALL, "C");
 
+    platform_specific::pledge_no_new_privileges_if_env_configured(); // Affects all launched subprocesses
+
     sentinel::Env environment;
     LOG(debug, "Reading configuration");
     try {
author	Tor Brede Vekterli <vekterli@yahooinc.com>	2023-10-10 09:32:47 +0000
committer	Tor Brede Vekterli <vekterli@vespa.ai>	2023-11-14 12:33:08 +0000
commit	51ff36cb354317b5c7911e13c351e009353a321c (patch)
tree	03d6a953008648b003e9a83a13eefc62bdb36df1 /configd/src/apps/sentinel/sentinel.cpp
parent	26afaf784280bb86d278adcf1b93ac4e912c0fb0 (diff)