diff options
| author |   deraadt <deraadt@openbsd.org> | 2015-10-03 04:19:14 +0000 |
|---|---|---|
| committer | deraadt <deraadt@openbsd.org> | 2015-10-03 04:19:14 +0000 |
| commit | 106315206e7186f08922633d3715ee496f143376 (patch) | |
| tree | 9d3c668a0ac4c124de609e4e740a6211e5229fed | |
| parent | BIO_get_fd() could return fd 0; fix error condition. Found at (diff) | |
| download | wireguard-openbsd-106315206e7186f08922633d3715ee496f143376.tar.xz wireguard-openbsd-106315206e7186f08922633d3715ee496f143376.zip | |
gzip can use tame "stdio wpath cpath fattr". this blocks a lot of
system behaviours such as forking, execve, sockets, etc.
in theory this extended by parsing the arguments first, and creating
the whitepathlist. the pathlist probably needs to be directory-oriented,
rather than exact path of files, because a gzip file may specify the
filename it wants (and that won't be available until it is opened, and
partially parsed). anyone want to give this a try?
gzip was an early goal for capsicum. who is running a capsicum gzip?
| -rw-r--r-- | usr.bin/compress/main.c | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/usr.bin/compress/main.c b/usr.bin/compress/main.c index 60d901027d8..503ddfffadb 100644 --- a/usr.bin/compress/main.c +++ b/usr.bin/compress/main.c @@ -1,4 +1,4 @@ -/* $OpenBSD: main.c,v 1.86 2015/08/30 21:06:24 deraadt Exp $ */ +/* $OpenBSD: main.c,v 1.87 2015/10/03 04:19:14 deraadt Exp $ */ /* * Copyright (c) 1992, 1993 @@ -167,6 +167,9 @@ main(int argc, char *argv[]) char outfile[PATH_MAX], _infile[PATH_MAX], suffix[16]; int bits, ch, error, rc, cflag, oflag; + if (tame("stdio wpath cpath fattr", NULL) == -1) + err(1, "tame"); + bits = cflag = oflag = 0; storename = -1; p = __progname; |