diff options
| author | Bob Beck <beck@cvs.openbsd.org> | 2019-03-24 18:43:07 +0000 |
|---|---|---|
| committer | Bob Beck <beck@cvs.openbsd.org> | 2019-03-24 18:43:07 +0000 |
| commit | bf910681a5390e737f93e1163985c60c2aeba0f7 (patch) | |
| tree | ce60c318f91bcf575a8937038728ff9f039ab1c9 /lib/libc | |
| parent | aa174c78e67e9ab6cdb8dc7685adf73d25bde06b (diff) | |
Document the fact that readlink(2) can bypass restrictions as needed
by realpath(3). This will go away post 6.5.
ok deraadt@
Diffstat (limited to 'lib/libc')
| -rw-r--r-- | lib/libc/sys/unveil.2 | 12 |
1 files changed, 10 insertions, 2 deletions
diff --git a/lib/libc/sys/unveil.2 b/lib/libc/sys/unveil.2 index cea363a8bfc..172ca28b32e 100644 --- a/lib/libc/sys/unveil.2 +++ b/lib/libc/sys/unveil.2 @@ -1,4 +1,4 @@ -.\" $OpenBSD: unveil.2,v 1.15 2019/03/21 17:13:18 rob Exp $ +.\" $OpenBSD: unveil.2,v 1.16 2019/03/24 18:43:06 beck Exp $ .\" .\" Copyright (c) 2018 Bob Beck <beck@openbsd.org> .\" @@ -14,7 +14,7 @@ .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. .\" -.Dd $Mdocdate: March 21 2019 $ +.Dd $Mdocdate: March 24 2019 $ .Dt UNVEIL 2 .Os .Sh NAME @@ -155,6 +155,14 @@ was not accessible, or .Nm was called after locking. .El +.Sh BUGS +.Xr readlink 2 +partially bypasses +.Nm +restrictions required by +.Xr realpath 3 . +Future changes intend to repair this problem. +.Pp .Sh HISTORY The .Fn unveil |