summaryrefslogtreecommitdiff
path: root/sys/lib
diff options
context:
space:
mode:
authorTheo de Raadt <deraadt@cvs.openbsd.org>2015-11-14 07:02:24 +0000
committerTheo de Raadt <deraadt@cvs.openbsd.org>2015-11-14 07:02:24 +0000
commit1ec84b09e9a6b35048e8c514f34afe1eaaf152ff (patch)
tree7d850dcc4a56f6b9765587f1a4a2c2db8cd2bb6a /sys/lib
parentb654b6f72587ecd914178ccf1156e7e3beb9e793 (diff)
For pledge "stdio", allow the break(2) system call which backends the brk/sbrk
library routines. The manpage declares, in bold: The brk() and sbrk() functions are historical curiosities left over from earlier days before the advent of virtual memory management. In our base tree, only one program uses these functions -- cc1 in the gcc toolset. A historical curiosity using a historical curiosity, how quaint. brk is used because precompiled c headers are not position independent. Another program which relies upon brk is emacs. Other uses of brk are EXCEEDINGLY RARE, because most software grew up and use modern practices such as malloc and mmap, thereby gaining ASLR benefits. Position independence has become an important part of mitigations. These two programs fight such improvements. Permitting brk/sbrk allows the large attack surface of cc1 to be pledged. "I would rather have cc1 pledged than purity in pledge" guenther
Diffstat (limited to 'sys/lib')
0 files changed, 0 insertions, 0 deletions