summaryrefslogtreecommitdiff
path: root/usr.bin/nc
diff options
context:
space:
mode:
authorAlexander Bluhm <bluhm@cvs.openbsd.org>2020-01-06 19:39:59 +0000
committerAlexander Bluhm <bluhm@cvs.openbsd.org>2020-01-06 19:39:59 +0000
commitfc4782a5f30381d7ddd614674450c1542ebb9fcf (patch)
tree67ecada9070de72d828b091fe142cae4b0da5f47 /usr.bin/nc
parentbc75862bef6af457e225ca8c054d70f3cf03eba0 (diff)
The unveil(2) for nc -U -u -l was wrong. The server cannot unveil
the file system as it has to connect to the UNIX domain client socket. The path of the latter is determined dynamically. Instead add a restrictive pledge(2) after connect(2). OK tb@
Diffstat (limited to 'usr.bin/nc')
-rw-r--r--usr.bin/nc/netcat.c27
1 files changed, 23 insertions, 4 deletions
diff --git a/usr.bin/nc/netcat.c b/usr.bin/nc/netcat.c
index 4ff935c58ef..a9e2910089d 100644
--- a/usr.bin/nc/netcat.c
+++ b/usr.bin/nc/netcat.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: netcat.c,v 1.213 2020/01/06 15:19:12 bluhm Exp $ */
+/* $OpenBSD: netcat.c,v 1.214 2020/01/06 19:39:58 bluhm Exp $ */
/*
* Copyright (c) 2001 Eric Jackson <ericj@monkey.org>
* Copyright (c) 2015 Bob Beck. All rights reserved.
@@ -371,13 +371,24 @@ main(int argc, char *argv[])
err(1, "unveil");
if (oflag && unveil(oflag, "r") == -1)
err(1, "unveil");
+ } else if (family == AF_UNIX && uflag && lflag && !kflag) {
+ /*
+ * After recvfrom(2) from client, the server connects
+ * to the client socket. As the client path is determined
+ * during runtime, we cannot unveil(2).
+ */
} else {
if (family == AF_UNIX) {
if (unveil(host, "rwc") == -1)
err(1, "unveil");
- if (uflag && !lflag) {
- if (unveil(sflag ? sflag : "/tmp", "rwc") == -1)
- err(1, "unveil");
+ if (uflag && !kflag) {
+ if (sflag) {
+ if (unveil(sflag, "rwc") == -1)
+ err(1, "unveil");
+ } else {
+ if (unveil("/tmp", "rwc") == -1)
+ err(1, "unveil");
+ }
}
} else {
/* no filesystem visibility */
@@ -569,6 +580,10 @@ main(int argc, char *argv[])
if (s == -1)
err(1, NULL);
if (uflag && kflag) {
+ if (family == AF_UNIX) {
+ if (pledge("stdio unix", NULL) == -1)
+ err(1, "pledge");
+ }
/*
* For UDP and -k, don't connect the socket,
* let it receive datagrams from multiple
@@ -595,6 +610,10 @@ main(int argc, char *argv[])
if (rv == -1)
err(1, "connect");
+ if (family == AF_UNIX) {
+ if (pledge("stdio unix", NULL) == -1)
+ err(1, "pledge");
+ }
if (vflag)
report_sock("Connection received",
(struct sockaddr *)&z, len,