author | Ricardo Mestre <mestre@cvs.openbsd.org> | 2019-07-11 06:55:03 +0000 |
---|---|---|
committer | Ricardo Mestre <mestre@cvs.openbsd.org> | 2019-07-11 06:55:03 +0000 |
commit | 79ec845a41b15bcbbcc0846033eadf4bf4fbc52b (patch) | |
tree | e572d8e201aa19b7f4a744bdc0f2d5680d6066cc /sbin/dhclient | |
parent | 8b3961a970ca9b2a1bfd03ab106603d430c10ca5 (diff) |
The privileged process of dhclient(8) runs several ioctl(2)s that are forbidden
by pledge(2) and therefore we cannot add it here. Instead we can restrict the
filesystem access to only two files, mentioned below, via unveil(2).
- /etc/resolv.conf -> write/create permissions
- /etc/resolv.conf.tail -> read permissions
OK brynet@ deraadt@ kn@
krw@ left the decision to other people who understand unveil(2)
Diffstat (limited to 'sbin/dhclient')
-rw-r--r-- | sbin/dhclient/dhclient.c | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/sbin/dhclient/dhclient.c b/sbin/dhclient/dhclient.c index 5d89ac54ccf..33125f92462 100644 --- a/sbin/dhclient/dhclient.c +++ b/sbin/dhclient/dhclient.c @@ -1,4 +1,4 @@ -/* $OpenBSD: dhclient.c,v 1.641 2019/07/01 16:53:59 krw Exp $ */ +/* $OpenBSD: dhclient.c,v 1.642 2019/07/11 06:55:02 mestre Exp $ */ /* * Copyright 2004 Henning Brauer <henning@openbsd.org> @@ -2232,6 +2232,13 @@ fork_privchld(struct interface_info *ifi, int fd, int fd2) if ((routefd = socket(AF_ROUTE, SOCK_RAW, 0)) == -1) fatal("socket(AF_ROUTE, SOCK_RAW)"); + if (unveil("/etc/resolv.conf", "wc") == -1) + fatal("unveil"); + if (unveil("/etc/resolv.conf.tail", "r") == -1) + fatal("unveil"); + if (unveil(NULL, NULL) == -1) + fatal("unveil"); + while (quit == 0) { pfd[0].fd = priv_ibuf->fd; pfd[0].events = POLLIN; |
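Review bot: In the fork_privchld() hunk, all three new unveil(2) calls report failure with the same fatal("unveil") string, so a log entry cannot tell whether /etc/resolv.conf, /etc/resolv.conf.tail or the final unveil(NULL, NULL) lock was the call that failed. Consider naming the path in each message, for example fatal("unveil /etc/resolv.conf") and fatal("unveil /etc/resolv.conf.tail"). A short comment above the block noting that pledge(2) cannot be used in the privileged process because of its ioctl(2)s, as the commit message explains, would keep that reasoning next to the code for the next reader.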