summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--sys/kern/vfs_lookup.c10
-rw-r--r--sys/kern/vfs_syscalls.c6
2 files changed, 7 insertions, 9 deletions
diff --git a/sys/kern/vfs_lookup.c b/sys/kern/vfs_lookup.c
index f8bdbefaa11..df93402034c 100644
--- a/sys/kern/vfs_lookup.c
+++ b/sys/kern/vfs_lookup.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: vfs_lookup.c,v 1.78 2019/07/08 09:21:10 bluhm Exp $ */
+/* $OpenBSD: vfs_lookup.c,v 1.79 2019/07/15 14:56:45 beck Exp $ */
/* $NetBSD: vfs_lookup.c,v 1.17 1996/02/09 19:00:59 christos Exp $ */
/*
@@ -577,12 +577,10 @@ dirloop:
printf("not found\n");
#endif
/*
- * Allow for unveiling or realpath'ing a file in a
- * directory where we don't have access to create it
- * ourselves
+ * Allow for unveiling a file in a directory where we
+ * don't have access to create it ourselves
*/
- if ((ndp->ni_pledge == PLEDGE_UNVEIL ||
- (cnp->cn_flags & REALPATH)) && error == EACCES)
+ if (ndp->ni_pledge == PLEDGE_UNVEIL && error == EACCES)
error = EJUSTRETURN;
if (error != EJUSTRETURN)
diff --git a/sys/kern/vfs_syscalls.c b/sys/kern/vfs_syscalls.c
index b2aa8939001..6d105ae9b16 100644
--- a/sys/kern/vfs_syscalls.c
+++ b/sys/kern/vfs_syscalls.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: vfs_syscalls.c,v 1.321 2019/07/12 13:56:27 solene Exp $ */
+/* $OpenBSD: vfs_syscalls.c,v 1.322 2019/07/15 14:56:45 beck Exp $ */
/* $NetBSD: vfs_syscalls.c,v 1.71 1996/04/23 10:29:02 mycroft Exp $ */
/*
@@ -928,7 +928,7 @@ sys___realpath(struct proc *p, void *v, register_t *retval)
NDINIT(&nd, LOOKUP, FOLLOW | LOCKLEAF | SAVENAME | REALPATH,
UIO_SYSSPACE, pathname, p);
else
- NDINIT(&nd, CREATE, FOLLOW | LOCKLEAF | LOCKPARENT | SAVENAME |
+ NDINIT(&nd, LOOKUP, FOLLOW | LOCKLEAF | LOCKPARENT | SAVENAME |
REALPATH, UIO_SYSSPACE, pathname, p);
nd.ni_cnd.cn_rpbuf = rpbuf;
@@ -2083,7 +2083,7 @@ doreadlinkat(struct proc *p, int fd, const char *path, char *buf,
NDINITAT(&nd, LOOKUP, NOFOLLOW | LOCKLEAF, UIO_USERSPACE, fd, path, p);
nd.ni_pledge = PLEDGE_RPATH;
- nd.ni_unveil = UNVEIL_INSPECT;
+ nd.ni_unveil = UNVEIL_READ;
if ((error = namei(&nd)) != 0)
return (error);
vp = nd.ni_vp;