diff options
| author | Theo de Raadt <deraadt@cvs.openbsd.org> | 2021-06-03 13:19:46 +0000 |
|---|---|---|
| committer | Theo de Raadt <deraadt@cvs.openbsd.org> | 2021-06-03 13:19:46 +0000 |
| commit | 95d00d4b6089595293872471b78b567652a7a69f (patch) | |
| tree | cf8e9b6b37919190087e5702f89dada6befe8fce /lib/libc | |
| parent | 53f257608caea1a9dd97c23f25c93dce9d7d06fc (diff) | |
secure_path(3) hasn't been called since we recognized the TOCTOU issues a few
years back, so we can remove it. Since nothing in the ecosystem calls it, I
am not cranking the libc major as required, surely another crank will come
along soon.
noticed by Dante Catalfamo
ok millert
Diffstat (limited to 'lib/libc')
| -rw-r--r-- | lib/libc/Symbols.list | 1 | ||||
| -rw-r--r-- | lib/libc/gen/login_cap.c | 28 | ||||
| -rw-r--r-- | lib/libc/hidden/login_cap.h | 3 |
3 files changed, 2 insertions, 30 deletions
diff --git a/lib/libc/Symbols.list b/lib/libc/Symbols.list index f9aa62ab6e8..d6a6b684827 100644 --- a/lib/libc/Symbols.list +++ b/lib/libc/Symbols.list @@ -739,7 +739,6 @@ readdir_r readpassphrase rewinddir scandir -secure_path seekdir setclasscontext setdomainname diff --git a/lib/libc/gen/login_cap.c b/lib/libc/gen/login_cap.c index 5b19f56749a..d3b91f1955c 100644 --- a/lib/libc/gen/login_cap.c +++ b/lib/libc/gen/login_cap.c @@ -1,4 +1,4 @@ -/* $OpenBSD: login_cap.c,v 1.38 2019/10/18 17:14:08 tedu Exp $ */ +/* $OpenBSD: login_cap.c,v 1.39 2021/06/03 13:19:45 deraadt Exp $ */ /* * Copyright (c) 2000-2004 Todd C. Miller <millert@openbsd.org> @@ -977,32 +977,6 @@ multiply(u_quad_t n1, u_quad_t n2) return (m); } -int -secure_path(char *path) -{ - struct stat sb; - - /* - * If not a regular file, or is owned/writeable by someone - * other than root, quit. - */ - if (lstat(path, &sb) == -1) { - syslog(LOG_ERR, "cannot stat %s: %m", path); - return (-1); - } else if (!S_ISREG(sb.st_mode)) { - syslog(LOG_ERR, "%s: not a regular file", path); - return (-1); - } else if (sb.st_uid != 0) { - syslog(LOG_ERR, "%s: not owned by root", path); - return (-1); - } else if (sb.st_mode & (S_IWGRP | S_IWOTH)) { - syslog(LOG_ERR, "%s: writable by non-root", path); - return (-1); - } - return (0); -} -DEF_WEAK(secure_path); - /* * Check whether or not a tilde in a string should be expanded. * We only do expansion for things like "~", "~/...", ~me", "~me/...". diff --git a/lib/libc/hidden/login_cap.h b/lib/libc/hidden/login_cap.h index c6dcfbfc8fb..00a0e33223c 100644 --- a/lib/libc/hidden/login_cap.h +++ b/lib/libc/hidden/login_cap.h @@ -1,4 +1,4 @@ -/* $OpenBSD: login_cap.h,v 1.1 2015/09/13 19:58:50 guenther Exp $ */ +/* $OpenBSD: login_cap.h,v 1.2 2021/06/03 13:19:45 deraadt Exp $ */ /* * Copyright (c) 2015 Philip Guenther <guenther@openbsd.org> * @@ -28,7 +28,6 @@ PROTO_NORMAL(login_getcapstr); PROTO_NORMAL(login_getcaptime); PROTO_NORMAL(login_getclass); PROTO_NORMAL(login_getstyle); -PROTO_NORMAL(secure_path); PROTO_DEPRECATED(setclasscontext); PROTO_NORMAL(setusercontext); |