diff options
| author | bluhm <> | 2026-02-27 20:31:13 +0000 |
|---|---|---|
| committer | bluhm <> | 2026-02-27 20:31:13 +0000 |
| commit | 3af81c05117c0432f15903e9e8c488243a7c3b7b (patch) | |
| tree | 8cf2ecf189887f7b242677e2358f18987631a6f2 /src | |
| parent | a0dca9ee89cde95a556cd215202b7542ee5f598f (diff) | |
| download | openbsd-OPENBSD_7_8.tar.gz openbsd-OPENBSD_7_8.tar.bz2 openbsd-OPENBSD_7_8.zip | |
replace pledge "stdio rpath tmppath" with unveil "/tmp" "rwc" to satisfyOPENBSD_7_8
mktemp(3) type operations, unveil "/" "r" for reading all over the tree,
and pledge "stdio rpath wpath cpath" to permit both unveils subject to
their own limitations.
pledge "rpath tmppath" is replace with unveil "/" "r", unveil "/tmp" "rwc",
and "rpath wpath cpath"
from deraadt@; ok semarie
This was using pledge "tmppath" with "rpath wpath cpath".
The "tmppath" is not needed.
from deraadt@; ok semarie and others
uses tmpfile(), which is why it used "tmppath", which is why it now
needs "rpath wpath cpath"
from deraadt@; spotted by brynet
Instead of pledge "tmppath rpath", setup a "rwc" unveil on "/tmp", a
"r" unveil on "/", and then pledge "rpath wpath cpath".
from deraadt@; ok semarie and others
This is using pledge "tmppath" with "rpath wpath cpath".
The "tmppath" is not needed.
from deraadt@; ok semarie and others
These programs are using pledge "tmppath" with "rpath wpath cpath".
The "tmppath" is not needed.
from deraadt@; ok semarie and others
Use unveil() instead of pledge "tmppath". There is a bit of bulldozering
here to handle the many codeflows regarding output files, and I hope ingo
improves it later.
from deraadt@; Some help with regression validation from job
nc(1) has the more crazy unveil + pledge configuration based upon
argument flags. I think this correctly replaces "tmppath" with an
unveil.
from deraadt@
Since this program is "rpath wpath cpath", it does not need to use
"tmppath"
from deraadt@; ok op
replace pledge "tmppath" with unveil "/tmp" "rwc" and "rpath wpath cpath".
from deraadt@; ok ok
this is errata/7.8/015_tmppath.patch.sig
Diffstat (limited to '')
| -rw-r--r-- | src/usr.bin/nc/netcat.c | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/src/usr.bin/nc/netcat.c b/src/usr.bin/nc/netcat.c index e3c9c939e2..cb0b3e9cef 100644 --- a/src/usr.bin/nc/netcat.c +++ b/src/usr.bin/nc/netcat.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: netcat.c,v 1.234 2025/06/24 13:37:11 tb Exp $ */ | 1 | /* $OpenBSD: netcat.c,v 1.234.2.1 2026/02/27 20:31:13 bluhm Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2001 Eric Jackson <ericj@monkey.org> | 3 | * Copyright (c) 2001 Eric Jackson <ericj@monkey.org> |
| 4 | * Copyright (c) 2015 Bob Beck. All rights reserved. | 4 | * Copyright (c) 2015 Bob Beck. All rights reserved. |
| @@ -381,6 +381,8 @@ main(int argc, char *argv[]) | |||
| 381 | */ | 381 | */ |
| 382 | } else { | 382 | } else { |
| 383 | if (family == AF_UNIX) { | 383 | if (family == AF_UNIX) { |
| 384 | if (unveil("/tmp", "rwc") == -1) | ||
| 385 | err(1, "unveil /tmp"); | ||
| 384 | if (unveil(host, "rwc") == -1) | 386 | if (unveil(host, "rwc") == -1) |
| 385 | err(1, "unveil %s", host); | 387 | err(1, "unveil %s", host); |
| 386 | if (uflag && !kflag) { | 388 | if (uflag && !kflag) { |
| @@ -400,7 +402,7 @@ main(int argc, char *argv[]) | |||
| 400 | } | 402 | } |
| 401 | 403 | ||
| 402 | if (family == AF_UNIX) { | 404 | if (family == AF_UNIX) { |
| 403 | if (pledge("stdio rpath wpath cpath tmppath unix", NULL) == -1) | 405 | if (pledge("stdio rpath wpath cpath unix", NULL) == -1) |
| 404 | err(1, "pledge"); | 406 | err(1, "pledge"); |
| 405 | } else if (Fflag && Pflag) { | 407 | } else if (Fflag && Pflag) { |
| 406 | if (pledge("stdio inet dns sendfd tty", NULL) == -1) | 408 | if (pledge("stdio inet dns sendfd tty", NULL) == -1) |