diff options
| author | Bob Beck <beck@cvs.openbsd.org> | 2018-08-05 14:23:58 +0000 |
|---|---|---|
| committer | Bob Beck <beck@cvs.openbsd.org> | 2018-08-05 14:23:58 +0000 |
| commit | cf7832bf479e6eb3abae1ca89d2faa68cef42a75 (patch) | |
| tree | 6bac65c4fa10dcf734e866c0170e71e863fb313c /sys/kern/kern_ktrace.c | |
| parent | 019dcb6d0e1163bcc7709bf484fc64bc19c9ce3d (diff) | |
Decouple unveil from the pledge flags, by adding dedicated unveil flags
to the namei args. This fixes a bug where chmod would be allowed when
with only READ. This also allows some further cleanup of some awkward
things like PLEDGE_STAT that will follow
Lots of assistence from semarie@ - thanks!
ok semarie@
Diffstat (limited to 'sys/kern/kern_ktrace.c')
| -rw-r--r-- | sys/kern/kern_ktrace.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/sys/kern/kern_ktrace.c b/sys/kern/kern_ktrace.c index 7315d41b26d..39249d4118c 100644 --- a/sys/kern/kern_ktrace.c +++ b/sys/kern/kern_ktrace.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kern_ktrace.c,v 1.98 2018/06/20 10:48:55 mpi Exp $ */ +/* $OpenBSD: kern_ktrace.c,v 1.99 2018/08/05 14:23:57 beck Exp $ */ /* $NetBSD: kern_ktrace.c,v 1.23 1996/02/09 18:59:36 christos Exp $ */ /* @@ -513,6 +513,7 @@ sys_ktrace(struct proc *p, void *v, register_t *retval) cred = p->p_ucred; NDINIT(&nd, LOOKUP, FOLLOW, UIO_USERSPACE, fname, p); nd.ni_pledge = PLEDGE_CPATH | PLEDGE_WPATH; + nd.ni_unveil = UNVEIL_CREATE | UNVEIL_WRITE; if ((error = vn_open(&nd, FWRITE|O_NOFOLLOW, 0)) != 0) return error; vp = nd.ni_vp; |