From 3539f75c29fe2593f27b8208b0e6a208edfa6c52 Mon Sep 17 00:00:00 2001 From: Theo de Raadt Date: Mon, 17 Apr 2017 20:22:15 +0000 Subject: matthieu@ observes % pax (without any arguments) hits pledge violation, because it tries MTIOCTOP against stdin, the tty. It is very inconvenient to use isatty to distinguish this difference in userland, so return ENOTTY for tty devices. ok natano --- sys/kern/kern_pledge.c | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) (limited to 'sys') diff --git a/sys/kern/kern_pledge.c b/sys/kern/kern_pledge.c index 406fbfee3fa..b1c5bbcfe13 100644 --- a/sys/kern/kern_pledge.c +++ b/sys/kern/kern_pledge.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kern_pledge.c,v 1.203 2017/04/13 04:06:46 guenther Exp $ */ +/* $OpenBSD: kern_pledge.c,v 1.204 2017/04/17 20:22:14 deraadt Exp $ */ /* * Copyright (c) 2015 Nicholas Marriott @@ -1155,9 +1155,12 @@ pledge_ioctl(struct proc *p, long com, struct file *fp) case MTIOCTOP: /* for pax(1) and such, checking tapes... */ if (fp->f_type == DTYPE_VNODE && - vp->v_type == VCHR && - (vp->v_flag & VISTTY) == 0) - return (0); + vp->v_type == VCHR) { + if (vp->v_flag & VISTTY) + return (ENOTTY); + else + return (0); + } break; } } -- cgit v1.2.3