diff options
author | Alexander Bluhm <bluhm@cvs.openbsd.org> | 2020-01-06 19:39:59 +0000 |
---|---|---|
committer | Alexander Bluhm <bluhm@cvs.openbsd.org> | 2020-01-06 19:39:59 +0000 |
commit | fc4782a5f30381d7ddd614674450c1542ebb9fcf (patch) | |
tree | 67ecada9070de72d828b091fe142cae4b0da5f47 /usr.bin/nc | |
parent | bc75862bef6af457e225ca8c054d70f3cf03eba0 (diff) |
The unveil(2) for nc -U -u -l was wrong. The server cannot unveil
the file system as it has to connect to the UNIX domain client
socket. The path of the latter is determined dynamically. Instead
add a restrictive pledge(2) after connect(2).
OK tb@
Diffstat (limited to 'usr.bin/nc')
-rw-r--r-- | usr.bin/nc/netcat.c | 27 |
1 files changed, 23 insertions, 4 deletions
diff --git a/usr.bin/nc/netcat.c b/usr.bin/nc/netcat.c index 4ff935c58ef..a9e2910089d 100644 --- a/usr.bin/nc/netcat.c +++ b/usr.bin/nc/netcat.c @@ -1,4 +1,4 @@ -/* $OpenBSD: netcat.c,v 1.213 2020/01/06 15:19:12 bluhm Exp $ */ +/* $OpenBSD: netcat.c,v 1.214 2020/01/06 19:39:58 bluhm Exp $ */ /* * Copyright (c) 2001 Eric Jackson <ericj@monkey.org> * Copyright (c) 2015 Bob Beck. All rights reserved. @@ -371,13 +371,24 @@ main(int argc, char *argv[]) err(1, "unveil"); if (oflag && unveil(oflag, "r") == -1) err(1, "unveil"); + } else if (family == AF_UNIX && uflag && lflag && !kflag) { + /* + * After recvfrom(2) from client, the server connects + * to the client socket. As the client path is determined + * during runtime, we cannot unveil(2). + */ } else { if (family == AF_UNIX) { if (unveil(host, "rwc") == -1) err(1, "unveil"); - if (uflag && !lflag) { - if (unveil(sflag ? sflag : "/tmp", "rwc") == -1) - err(1, "unveil"); + if (uflag && !kflag) { + if (sflag) { + if (unveil(sflag, "rwc") == -1) + err(1, "unveil"); + } else { + if (unveil("/tmp", "rwc") == -1) + err(1, "unveil"); + } } } else { /* no filesystem visibility */ @@ -569,6 +580,10 @@ main(int argc, char *argv[]) if (s == -1) err(1, NULL); if (uflag && kflag) { + if (family == AF_UNIX) { + if (pledge("stdio unix", NULL) == -1) + err(1, "pledge"); + } /* * For UDP and -k, don't connect the socket, * let it receive datagrams from multiple @@ -595,6 +610,10 @@ main(int argc, char *argv[]) if (rv == -1) err(1, "connect"); + if (family == AF_UNIX) { + if (pledge("stdio unix", NULL) == -1) + err(1, "pledge"); + } if (vflag) report_sock("Connection received", (struct sockaddr *)&z, len, |