authorTheo de Raadt <deraadt@cvs.openbsd.org>2023-08-15 13:50:54 +0000
committerTheo de Raadt <deraadt@cvs.openbsd.org>2023-08-15 13:50:54 +0000
commit02ceb34aeea66784c63d89aac11f47fbfc1986e4 (patch)
tree3075105f0b5f4e2c136c9415d865de532560961c
parent54d53e4e1172196c5cffc9cd1d593490392eadc2 (diff)
ldd can pledge "stdio rpath proc exec prot_exec". We can later bifurcate
at the dlopen vs execve split, dropping either "proc" or "prot_exec". ok gnezdo
-rw-r--r--libexec/ld.so/ldd/ldd.c12
1 files changed, 8 insertions, 4 deletions
diff --git a/libexec/ld.so/ldd/ldd.c b/libexec/ld.so/ldd/ldd.c
index f8f208652d2..375a646db36 100644
--- a/libexec/ld.so/ldd/ldd.c
+++ b/libexec/ld.so/ldd/ldd.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ldd.c,v 1.25 2023/08/12 13:43:22 gnezdo Exp $ */
+/* $OpenBSD: ldd.c,v 1.26 2023/08/15 13:50:53 deraadt Exp $ */
/*
* Copyright (c) 2001 Artur Grabowski <art@openbsd.org>
* All rights reserved.
@@ -48,6 +48,9 @@ main(int argc, char **argv)
{
int c, xflag, ret;
+ if (pledge("stdio rpath proc exec prot_exec", NULL) == -1)
+ err(1, "pledge");
+
xflag = 0;
while ((c = getopt(argc, argv, "x")) != -1) {
switch (c) {
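Review bot: The promise string added at the top of main() has no comment tying each promise to the call that needs it, which makes the later tightening mentioned in the commit message harder to review. Going by the other hunks and the commit message, `proc` appears to cover the fork in doit(), `exec` the execl of the target, and `prot_exec` the dlopen path. A comment above the call such as `/* proc: fork; exec: execl(name); prot_exec: dlopen of ET_DYN objects; narrowed per child in doit() */` would record that. main() continues past the end of this hunk.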
@@ -163,6 +166,8 @@ doit(char *name)
err(1, "fork");
case 0:
if (ehdr.e_type == ET_DYN && !interp) {
+ if (pledge("stdio rpath prot_exec", NULL) == -1)
+ err(1, "pledge");
if (realpath(name, buf) == NULL) {
printf("realpath(%s): %s", name,
strerror(errno));
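Review bot: The pledge failure path added inside `case 0:` uses `err(1, "pledge")`, which terminates through exit(3), while the other exits visible in this branch of doit() use `_exit`. In what looks like the fork child, exit(3) runs atexit handlers and flushes stdio buffers inherited from the parent, so pending output could be written twice. Consider `if (pledge("stdio rpath prot_exec", NULL) == -1) { warn("pledge"); _exit(1); }` here, and the same shape for the `pledge("stdio rpath exec", "stdio rpath")` call added in the next hunk. doit() starts and ends outside this hunk.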
@@ -178,14 +183,13 @@ doit(char *name)
_exit(0);
}
+ if (pledge("stdio rpath exec", "stdio rpath") == -1)
+ err(1, "pledge");
if (i == ehdr.e_phnum) {
printf("not a dynamic executable\n");
fflush(stdout);
_exit(0);
}
-
- if (pledge(NULL, "stdio rpath") == -1)
- err(1, "pledge");
execl(name, name, (char *)NULL);
perror(name);
_exit(1);