diff options
| author |   deraadt <deraadt@openbsd.org> | 2015-10-07 14:17:18 +0000 |
|---|---|---|
| committer | deraadt <deraadt@openbsd.org> | 2015-10-07 14:17:18 +0000 |
| commit | 07222127809b49fad3f5eec82c759524a227f07d (patch) | |
| tree | c69f9be361ff0e5c85ae380db2108e7caccd6db1 | |
| parent | Oops, not quite ready for tame() here. People need time to update (diff) | |
| download | wireguard-openbsd-07222127809b49fad3f5eec82c759524a227f07d.tar.xz wireguard-openbsd-07222127809b49fad3f5eec82c759524a227f07d.zip | |
tame "stdio cpath rpath fattr", unless mkdir -m is passed a mode which
has setuid/setgid/sticky bits.
ok semarie
| -rw-r--r-- | bin/mkdir/mkdir.c | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/bin/mkdir/mkdir.c b/bin/mkdir/mkdir.c index 1ce449f1697..4529af389f7 100644 --- a/bin/mkdir/mkdir.c +++ b/bin/mkdir/mkdir.c @@ -1,4 +1,4 @@ -/* $OpenBSD: mkdir.c,v 1.25 2013/04/02 20:26:17 naddy Exp $ */ +/* $OpenBSD: mkdir.c,v 1.26 2015/10/07 14:17:18 deraadt Exp $ */ /* $NetBSD: mkdir.c,v 1.14 1995/06/25 21:59:21 mycroft Exp $ */ /* @@ -82,6 +82,11 @@ main(int argc, char *argv[]) argc -= optind; argv += optind; + if (mode & (S_ISUID | S_ISGID | S_ISTXT) == 0) { + if (tame("stdio cpath rpath fattr", NULL) == -1) + err(1, "tame"); + } + if (*argv == NULL) usage(); |