diff options
| author | Todd C. Miller <millert@cvs.openbsd.org> | 2015-10-25 01:57:10 +0000 |
|---|---|---|
| committer | Todd C. Miller <millert@cvs.openbsd.org> | 2015-10-25 01:57:10 +0000 |
| commit | 9e1ce3cd93e3db6d5aa2e7f7789f3f56e9f7766c (patch) | |
| tree | 311d4a0c5d252f214da52420fbabd1772459d654 /sys/kern | |
| parent | 11cc49228c9150b03e7e7299fd7dbcb528c4f811 (diff) | |
For SYS_open let the /dev/null special case match if any TMN_RPATH,
TMN_WPATH or both are set in p_pledgenote. Matches the style used
for /dev/tty special cases (among others). From deraadt@
Diffstat (limited to 'sys/kern')
| -rw-r--r-- | sys/kern/kern_pledge.c | 9 |
1 files changed, 4 insertions, 5 deletions
diff --git a/sys/kern/kern_pledge.c b/sys/kern/kern_pledge.c index f5211a06ba6..1706f922fc5 100644 --- a/sys/kern/kern_pledge.c +++ b/sys/kern/kern_pledge.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kern_pledge.c,v 1.69 2015/10/25 00:02:00 nicm Exp $ */ +/* $OpenBSD: kern_pledge.c,v 1.70 2015/10/25 01:57:09 millert Exp $ */ /* * Copyright (c) 2015 Nicholas Marriott <nicm@openbsd.org> @@ -571,10 +571,9 @@ pledge_namei(struct proc *p, char *origpath) break; case SYS_open: /* daemon(3) or other such functions */ - if ((p->p_pledgenote == TMN_RPATH || - p->p_pledgenote == TMN_WPATH)) { - if (strcmp(path, "/dev/null") == 0) - return (0); + if ((p->p_pledgenote & ~(TMN_RPATH | TMN_WPATH)) == 0 && + strcmp(path, "/dev/null") == 0) { + return (0); } /* getpw* and friends need a few files */ |