diff options
| -rw-r--r-- | sys/kern/kern_unveil.c | 3 | ||||
| -rw-r--r-- | sys/kern/vfs_syscalls.c | 12 | ||||
| -rw-r--r-- | sys/sys/pledge.h | 3 |
3 files changed, 3 insertions, 15 deletions
diff --git a/sys/kern/kern_unveil.c b/sys/kern/kern_unveil.c index 700ff554996..63897074afd 100644 --- a/sys/kern/kern_unveil.c +++ b/sys/kern/kern_unveil.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kern_unveil.c,v 1.25 2019/03/26 13:41:40 beck Exp $ */ +/* $OpenBSD: kern_unveil.c,v 1.26 2019/06/19 16:55:51 deraadt Exp $ */ /* * Copyright (c) 2017-2019 Bob Beck <beck@openbsd.org> @@ -799,7 +799,6 @@ unveil_check_final(struct proc *p, struct nameidata *ni) printf("unveil: %s(%d): BYPASSUNVEIL.\n", p->p_p->ps_comm, p->p_p->ps_pid); #endif - CLR(ni->ni_pledge, PLEDGE_STATLIE); return (0); } if (ni->ni_vp != NULL && ni->ni_vp->v_type == VDIR) { diff --git a/sys/kern/vfs_syscalls.c b/sys/kern/vfs_syscalls.c index 407e7361888..37c2332537f 100644 --- a/sys/kern/vfs_syscalls.c +++ b/sys/kern/vfs_syscalls.c @@ -1,4 +1,4 @@ -/* $OpenBSD: vfs_syscalls.c,v 1.318 2019/06/15 15:28:55 deraadt Exp $ */ +/* $OpenBSD: vfs_syscalls.c,v 1.319 2019/06/19 16:55:51 deraadt Exp $ */ /* $NetBSD: vfs_syscalls.c,v 1.71 1996/04/23 10:29:02 mycroft Exp $ */ /* @@ -1991,16 +1991,6 @@ dofstatat(struct proc *p, int fd, const char *path, struct stat *buf, int flag) vput(nd.ni_vp); if (error) return (error); - if (nd.ni_pledge & PLEDGE_STATLIE) { - if (S_ISDIR(sb.st_mode) || S_ISLNK(sb.st_mode)) { - if (sb.st_uid >= 1000) { - sb.st_uid = p->p_ucred->cr_uid; - sb.st_gid = p->p_ucred->cr_gid;; - } - sb.st_gen = 0; - } else - return (ENOENT); - } /* Don't let non-root see generation numbers (for NFS security) */ if (suser(p)) sb.st_gen = 0; diff --git a/sys/sys/pledge.h b/sys/sys/pledge.h index d44a575bc5b..cbb37ad54bd 100644 --- a/sys/sys/pledge.h +++ b/sys/sys/pledge.h @@ -1,4 +1,4 @@ -/* $OpenBSD: pledge.h,v 1.39 2019/01/21 20:09:37 landry Exp $ */ +/* $OpenBSD: pledge.h,v 1.40 2019/06/19 16:55:51 deraadt Exp $ */ /* * Copyright (c) 2015 Nicholas Marriott <nicm@openbsd.org> @@ -69,7 +69,6 @@ * to track program behaviours which have been observed. */ #define PLEDGE_USERSET 0x0fffffffffffffffULL -#define PLEDGE_STATLIE 0x4000000000000000ULL #define PLEDGE_YPACTIVE 0x8000000000000000ULL /* YP use detected and allowed */ #ifdef PLEDGENAMES |