authorRicardo Mestre <mestre@cvs.openbsd.org>2018-08-05 08:20:55 +0000
committerRicardo Mestre <mestre@cvs.openbsd.org>2018-08-05 08:20:55 +0000
commit5b685941a7929ffbb7de61afe2d62676520f39b5 (patch)
treedd7d1ab7996602612d82fe02a7210fbb569114c5
parent9702fe451d45acb5e0829f42abd4f08cfd775410 (diff)
Remove cpath pledge(2) promise. We decided that not deleting the unix control
sockets causes no harm, and this way we close another attack surface by not allowing the daemon to create/delete any more files. OK florian@
-rw-r--r--usr.sbin/vmd/control.c14
-rw-r--r--usr.sbin/vmd/proc.c5
-rw-r--r--usr.sbin/vmd/proc.h8
3 files changed, 4 insertions, 23 deletions
diff --git a/usr.sbin/vmd/control.c b/usr.sbin/vmd/control.c
index 9d2ec09e20e..2d3f0b804ec 100644
--- a/usr.sbin/vmd/control.c
+++ b/usr.sbin/vmd/control.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: control.c,v 1.28 2018/07/13 08:42:49 reyk Exp $ */
+/* $OpenBSD: control.c,v 1.29 2018/08/05 08:20:54 mestre Exp $ */
/*
* Copyright (c) 2010-2015 Reyk Floeter <reyk@openbsd.org>
@@ -67,12 +67,11 @@ control_run(struct privsep *ps, struct privsep_proc *p, void *arg)
/*
* pledge in the control process:
* stdio - for malloc and basic I/O including events.
- * cpath - for managing the control socket.
* unix - for the control socket.
* recvfd - for the proc fd exchange.
* sendfd - for send and receive.
*/
- if (pledge("stdio cpath unix recvfd sendfd", NULL) == -1)
+ if (pledge("stdio unix recvfd sendfd", NULL) == -1)
fatal("pledge");
}
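Review bot: The pledge comment in control_run lists the promises that remain but no longer records why cpath is absent. A later change that creates or unlinks the socket path in this process after the pledge call would be a pledge violation at run time rather than something caught in review. I would add a line to the comment block such as ` * (no cpath: the control socket is deliberately left on disk at exit.)`. Since the socket file now outlives the daemon, the code that binds it at startup (not visible in this hunk) presumably has to cope with a stale entry, and that is worth confirming there. control_run's body begins outside the hunk.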
@@ -205,15 +204,6 @@ control_listen(struct control_sock *cs)
return (0);
}
-void
-control_cleanup(struct control_sock *cs)
-{
- if (cs->cs_name == NULL)
- return;
- event_del(&cs->cs_ev);
- event_del(&cs->cs_evt);
-}
-
/* ARGSUSED */
void
control_accept(int listenfd, short event, void *arg)
diff --git a/usr.sbin/vmd/proc.c b/usr.sbin/vmd/proc.c
index 5443bdb9262..b37036908cd 100644
--- a/usr.sbin/vmd/proc.c
+++ b/usr.sbin/vmd/proc.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: proc.c,v 1.16 2017/11/04 07:40:31 mlarkin Exp $ */
+/* $OpenBSD: proc.c,v 1.17 2018/08/05 08:20:54 mestre Exp $ */
/*
* Copyright (c) 2010 - 2016 Reyk Floeter <reyk@openbsd.org>
@@ -475,9 +475,6 @@ proc_shutdown(struct privsep_proc *p)
{
struct privsep *ps = p->p_ps;
- if (p->p_id == PROC_CONTROL && ps)
- control_cleanup(&ps->ps_csock);
-
if (p->p_shutdown != NULL)
(*p->p_shutdown)();
diff --git a/usr.sbin/vmd/proc.h b/usr.sbin/vmd/proc.h
index f0e4704aefb..01361076f54 100644
--- a/usr.sbin/vmd/proc.h
+++ b/usr.sbin/vmd/proc.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: proc.h,v 1.14 2018/07/15 14:36:54 reyk Exp $ */
+/* $OpenBSD: proc.h,v 1.15 2018/08/05 08:20:54 mestre Exp $ */
/*
* Copyright (c) 2010-2015 Reyk Floeter <reyk@openbsd.org>
@@ -69,11 +69,6 @@ struct control_sock {
};
TAILQ_HEAD(control_socks, control_sock);
-struct {
- struct event ev;
- int fd;
-} control_state;
-
struct ctl_conn {
TAILQ_ENTRY(ctl_conn) entry;
uint8_t flags;
@@ -197,7 +192,6 @@ void control(struct privsep *, struct privsep_proc *);
int control_init(struct privsep *, struct control_sock *);
int control_reset(struct control_sock *);
int control_listen(struct control_sock *);
-void control_cleanup(struct control_sock *);
/* log.c */
void log_init(int, int);