diff options
| author | bluhm <> | 2026-02-27 20:32:48 +0000 |
|---|---|---|
| committer | bluhm <> | 2026-02-27 20:32:48 +0000 |
| commit | 140c0395d7c1ac0617c23e5b1b8e3401cd6b0f58 (patch) | |
| tree | eb8e0d9e6ebd456b87b54489c407241a0401f542 | |
| parent | b087cd0400f51020d64ecc9afd0c0f8c8abdcf4f (diff) | |
| download | openbsd-OPENBSD_7_7.tar.gz openbsd-OPENBSD_7_7.tar.bz2 openbsd-OPENBSD_7_7.zip | |
replace pledge "stdio rpath tmppath" with unveil "/tmp" "rwc" to satisfyOPENBSD_7_7
mktemp(3) type operations, unveil "/" "r" for reading all over the tree,
and pledge "stdio rpath wpath cpath" to permit both unveils subject to
their own limitations.
pledge "rpath tmppath" is replace with unveil "/" "r", unveil "/tmp" "rwc",
and "rpath wpath cpath"
from deraadt@; ok semarie
This was using pledge "tmppath" with "rpath wpath cpath".
The "tmppath" is not needed.
from deraadt@; ok semarie and others
uses tmpfile(), which is why it used "tmppath", which is why it now
needs "rpath wpath cpath"
from deraadt@; spotted by brynet
Instead of pledge "tmppath rpath", setup a "rwc" unveil on "/tmp", a
"r" unveil on "/", and then pledge "rpath wpath cpath".
from deraadt@; ok semarie and others
This is using pledge "tmppath" with "rpath wpath cpath".
The "tmppath" is not needed.
from deraadt@; ok semarie and others
These programs are using pledge "tmppath" with "rpath wpath cpath".
The "tmppath" is not needed.
from deraadt@; ok semarie and others
Use unveil() instead of pledge "tmppath". There is a bit of bulldozering
here to handle the many codeflows regarding output files, and I hope ingo
improves it later.
from deraadt@; Some help with regression validation from job
nc(1) has the more crazy unveil + pledge configuration based upon
argument flags. I think this correctly replaces "tmppath" with an
unveil.
from deraadt@
Since this program is "rpath wpath cpath", it does not need to use
"tmppath"
from deraadt@; ok op
replace pledge "tmppath" with unveil "/tmp" "rwc" and "rpath wpath cpath".
from deraadt@; ok ok
this is errata/7.7/021_tmppath.patch.sig
Diffstat (limited to '')
| -rw-r--r-- | src/usr.bin/nc/netcat.c | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/src/usr.bin/nc/netcat.c b/src/usr.bin/nc/netcat.c index 8c60fd1882..d7b491efe6 100644 --- a/src/usr.bin/nc/netcat.c +++ b/src/usr.bin/nc/netcat.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: netcat.c,v 1.229 2024/11/02 17:19:27 tb Exp $ */ | 1 | /* $OpenBSD: netcat.c,v 1.229.4.1 2026/02/27 20:32:48 bluhm Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2001 Eric Jackson <ericj@monkey.org> | 3 | * Copyright (c) 2001 Eric Jackson <ericj@monkey.org> |
| 4 | * Copyright (c) 2015 Bob Beck. All rights reserved. | 4 | * Copyright (c) 2015 Bob Beck. All rights reserved. |
| @@ -378,6 +378,8 @@ main(int argc, char *argv[]) | |||
| 378 | */ | 378 | */ |
| 379 | } else { | 379 | } else { |
| 380 | if (family == AF_UNIX) { | 380 | if (family == AF_UNIX) { |
| 381 | if (unveil("/tmp", "rwc") == -1) | ||
| 382 | err(1, "unveil /tmp"); | ||
| 381 | if (unveil(host, "rwc") == -1) | 383 | if (unveil(host, "rwc") == -1) |
| 382 | err(1, "unveil %s", host); | 384 | err(1, "unveil %s", host); |
| 383 | if (uflag && !kflag) { | 385 | if (uflag && !kflag) { |
| @@ -397,7 +399,7 @@ main(int argc, char *argv[]) | |||
| 397 | } | 399 | } |
| 398 | 400 | ||
| 399 | if (family == AF_UNIX) { | 401 | if (family == AF_UNIX) { |
| 400 | if (pledge("stdio rpath wpath cpath tmppath unix", NULL) == -1) | 402 | if (pledge("stdio rpath wpath cpath unix", NULL) == -1) |
| 401 | err(1, "pledge"); | 403 | err(1, "pledge"); |
| 402 | } else if (Fflag && Pflag) { | 404 | } else if (Fflag && Pflag) { |
| 403 | if (pledge("stdio inet dns sendfd tty", NULL) == -1) | 405 | if (pledge("stdio inet dns sendfd tty", NULL) == -1) |