author | kn <kn@cvs.openbsd.org> | 2021-01-13 13:49:35 +0000 |
---|---|---|
committer | kn <kn@cvs.openbsd.org> | 2021-01-13 13:49:35 +0000 |
commit | e7c115f6e0bc1d5c4980e0ed417c24b978e3e2fa (patch) | |
tree | 3fce6f5d439511cb4fac97c858714f087d556ef4 /usr.bin/doas | |
parent | d8523088d84203a1b41b383541b8682ce3236983 (diff) |
Pledge the "-C" code path
In "Parse and check config" mode nothing is executed so pledge without
"exec" while still setuid and before reading/parsing the config file.
OK millert
Diffstat (limited to 'usr.bin/doas')
-rw-r--r-- | usr.bin/doas/doas.c | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/usr.bin/doas/doas.c b/usr.bin/doas/doas.c
index 537c910fa3b..0054f170bbb 100644
--- a/usr.bin/doas/doas.c
+++ b/usr.bin/doas/doas.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: doas.c,v 1.84 2020/10/09 07:43:38 kn Exp $ */
+/* $OpenBSD: doas.c,v 1.85 2021/01/13 13:49:34 kn Exp $ */
 /*
 * Copyright (c) 2015 Ted Unangst <tedu@openbsd.org>
 *
@@ -183,6 +183,8 @@ checkconfig(const char *confpath, int argc, char **argv,
 const struct rule *rule;
 setresuid(uid, uid, uid);
+ if (pledge("stdio rpath getpw", NULL) == -1)
+ err(1, "pledge");
 parseconfig(confpath, 0);
 if (!argc) exit(0);
@@ -373,6 +375,8 @@ main(int argc, char **argv)
 }
 if (confpath) {
+ if (pledge("stdio rpath getpw id", NULL) == -1)
+ err(1, "pledge");
 checkconfig(confpath, argc, argv, uid, groups, ngroups, target);
 exit(1); /* fail safe */
|
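Review bot: The `setresuid(uid, uid, uid);` call directly above the added pledge in checkconfig() still ignores its return value, so nothing visible confirms the uid drop before parseconfig() opens the caller-supplied confpath. If that drop ever failed, the parser would presumably read the path with the setuid identity under "rpath", and a pledge without "exec" does not cover that case. I would check it the same way as the pledge, `if (setresuid(uid, uid, uid) == -1) err(1, "setresuid");`. Whether setresuid() to the real uid can fail on this platform is not shown here, and checkconfig() continues past the end of the hunk.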
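Review bot: The pledge added in main() carries "id" while the one added in checkconfig() does not, and nothing in the code says why the two promise sets differ. From the visible lines the extra promise appears to exist only so that setresuid() in checkconfig() is still permitted, after which the second pledge drops it. A short comment above the call would keep the two lists from drifting apart, for example `/* "id" is needed only for setresuid() in checkconfig(), which re-pledges without it */`. main() starts and ends outside this hunk.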