diff options
| author |   deraadt <deraadt@openbsd.org> | 2015-11-16 18:25:18 +0000 |
|---|---|---|
| committer | deraadt <deraadt@openbsd.org> | 2015-11-16 18:25:18 +0000 |
| commit | 0aefaaaa63aa6de2ea734ff2b9d0ba250d3cef5f (patch) | |
| tree | e6bb6fac55020e5dbb62639097dd676c256eee87 | |
| parent | In getdevvp() set the VISTTY flag on a vnode to indicate the underlying (diff) | |
| download | wireguard-openbsd-0aefaaaa63aa6de2ea734ff2b9d0ba250d3cef5f.tar.xz wireguard-openbsd-0aefaaaa63aa6de2ea734ff2b9d0ba250d3cef5f.zip | |
Only perform revoke(2) on tty cdevs. Others paths return ENOTTY.
ok millert semarie tedu guenther
| -rw-r--r-- | lib/libc/sys/revoke.2 | 19 | ||||
| -rw-r--r-- | sys/kern/vfs_syscalls.c | 4 |
2 files changed, 16 insertions, 7 deletions
diff --git a/lib/libc/sys/revoke.2 b/lib/libc/sys/revoke.2 index fc6aaf93d54..453c84a88cd 100644 --- a/lib/libc/sys/revoke.2 +++ b/lib/libc/sys/revoke.2 @@ -1,4 +1,4 @@ -.\" $OpenBSD: revoke.2,v 1.12 2015/05/31 23:54:25 schwarze Exp $ +.\" $OpenBSD: revoke.2,v 1.13 2015/11/16 18:25:18 deraadt Exp $ .\" $NetBSD: revoke.2,v 1.3 1995/10/12 15:41:11 jtc Exp $ .\" .\" Copyright (c) 1993 @@ -33,7 +33,7 @@ .\" .\" @(#)revoke.2 8.1 (Berkeley) 6/4/93 .\" -.Dd $Mdocdate: May 31 2015 $ +.Dd $Mdocdate: November 16 2015 $ .Dt REVOKE 2 .Os .Sh NAME @@ -47,13 +47,12 @@ The .Fn revoke function invalidates all current open file descriptors in the system -for the file named by +for the tty device named by .Fa path . Subsequent operations on any such descriptors fail, with the exceptions that a .Fn read -from a character device file which has been revoked -returns a count of zero (end of file), +from a tty which has been revoked returns a count of zero (end of file), and a .Fn close call will succeed. @@ -64,8 +63,13 @@ is called as if all open references to the file had been closed. Access to a file may be revoked only by its owner or the superuser. The .Fn revoke -function is normally used to prepare a terminal device for a new login session, +function is used to prepare a terminal device for a new login session, preventing any access by a previous user of the terminal. +The +.Xr pty 4 +subsystem has this as an implicit operation, but hardwired +. Xr tty 4 +require the operation. .Sh RETURN VALUES .Rv -std .Sh ERRORS @@ -82,6 +86,9 @@ exceeded bytes. .It Bq Er ENOENT The named file or a component of the path name does not exist. +.It Bq Er ENOTTY +.Ar path +is not associated with a tty special device. .It Bq Er EACCES Search permission is denied for a component of the path prefix. .It Bq Er ELOOP diff --git a/sys/kern/vfs_syscalls.c b/sys/kern/vfs_syscalls.c index 12c4a9942c8..a9c54315572 100644 --- a/sys/kern/vfs_syscalls.c +++ b/sys/kern/vfs_syscalls.c @@ -1,4 +1,4 @@ -/* $OpenBSD: vfs_syscalls.c,v 1.240 2015/11/14 22:23:22 deraadt Exp $ */ +/* $OpenBSD: vfs_syscalls.c,v 1.241 2015/11/16 18:25:18 deraadt Exp $ */ /* $NetBSD: vfs_syscalls.c,v 1.71 1996/04/23 10:29:02 mycroft Exp $ */ /* @@ -2828,6 +2828,8 @@ sys_revoke(struct proc *p, void *v, register_t *retval) if ((error = namei(&nd)) != 0) return (error); vp = nd.ni_vp; + if (!(vp->v_flag & VISTTY)) + return (ENOTTY); if ((error = VOP_GETATTR(vp, &vattr, p->p_ucred, p)) != 0) goto out; if (p->p_ucred->cr_uid != vattr.va_uid && |