diff options
| author | Theo de Raadt <deraadt@cvs.openbsd.org> | 2015-10-05 13:30:31 +0000 |
|---|---|---|
| committer | Theo de Raadt <deraadt@cvs.openbsd.org> | 2015-10-05 13:30:31 +0000 |
| commit | 79a5b1930464b264a4172ae6a34b14370a4c238f (patch) | |
| tree | 238d4929c561d9347a472863bafcdfd4bfae64e4 /usr.bin/comm | |
| parent | da8b794f1a034a35fd3254d7ba14f02e02ffbe5f (diff) | |
tame "stdio rpath" or tame "stdio" suffices for all of these programs.
fairly easy to audit by running nm and noticing nothing beyond base
stdio except for fopen/freopen. Then review all callpaths to those
functions, and place the tame() calls.
ok sthen
Diffstat (limited to 'usr.bin/comm')
| -rw-r--r-- | usr.bin/comm/comm.c | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/usr.bin/comm/comm.c b/usr.bin/comm/comm.c index 56271f464fc..d15b931e545 100644 --- a/usr.bin/comm/comm.c +++ b/usr.bin/comm/comm.c @@ -1,4 +1,4 @@ -/* $OpenBSD: comm.c,v 1.8 2009/10/27 23:59:37 deraadt Exp $ */ +/* $OpenBSD: comm.c,v 1.9 2015/10/05 13:30:30 deraadt Exp $ */ /* $NetBSD: comm.c,v 1.10 1995/09/05 19:57:43 jtc Exp $ */ /* @@ -61,6 +61,9 @@ main(int argc, char *argv[]) setlocale(LC_ALL, ""); + if (tame("stdio rpath", NULL) == -1) + err(1, "tame"); + flag1 = flag2 = flag3 = 1; compare = strcoll; while ((ch = getopt(argc, argv, "123f")) != -1) |