diff options
| author |   deraadt <deraadt@openbsd.org> | 2015-10-06 15:39:44 +0000 |
|---|---|---|
| committer | deraadt <deraadt@openbsd.org> | 2015-10-06 15:39:44 +0000 |
| commit | 350a56c6d0b3f4e22d3e31f240aba375864da78d (patch) | |
| tree | 48bbf93c90e6a5eb33b51e473a04b88cde556cf8 | |
| parent | add some tests for rpath, wpath, cpath (diff) | |
| download | wireguard-openbsd-350a56c6d0b3f4e22d3e31f240aba375864da78d.tar.xz wireguard-openbsd-350a56c6d0b3f4e22d3e31f240aba375864da78d.zip | |
Move from tame "cmsg" to tame "sendfd" or "recvfd", depending on which
way the process moves fd's.
| -rw-r--r-- | usr.bin/file/file.c | 6 | ||||
| -rw-r--r-- | usr.sbin/bgpd/session.c | 4 | ||||
| -rw-r--r-- | usr.sbin/tcpdump/privsep.c | 4 |
3 files changed, 7 insertions, 7 deletions
diff --git a/usr.bin/file/file.c b/usr.bin/file/file.c index f6e13e9bca1..1ac228c3f91 100644 --- a/usr.bin/file/file.c +++ b/usr.bin/file/file.c @@ -1,4 +1,4 @@ -/* $OpenBSD: file.c,v 1.50 2015/10/05 06:23:34 deraadt Exp $ */ +/* $OpenBSD: file.c,v 1.51 2015/10/06 15:39:44 deraadt Exp $ */ /* * Copyright (c) 2015 Nicholas Marriott <nicm@openbsd.org> @@ -351,7 +351,7 @@ child(int fd, pid_t parent, int argc, char **argv) int i, idx; size_t len, width = 0; - if (tame("stdio cmsg getpw proc", NULL) == -1) + if (tame("stdio getpw proc recvfd", NULL) == -1) err(1, "tame"); if (geteuid() == 0) { @@ -366,7 +366,7 @@ child(int fd, pid_t parent, int argc, char **argv) err(1, "setresuid"); } - if (tame("stdio cmsg", NULL) == -1) + if (tame("stdio recvfd", NULL) == -1) err(1, "tame"); m = magic_load(magicfp, magicpath, cflag || Wflag); diff --git a/usr.sbin/bgpd/session.c b/usr.sbin/bgpd/session.c index bd725af0b66..7ba006a5c9d 100644 --- a/usr.sbin/bgpd/session.c +++ b/usr.sbin/bgpd/session.c @@ -1,4 +1,4 @@ -/* $OpenBSD: session.c,v 1.341 2015/10/05 16:16:41 deraadt Exp $ */ +/* $OpenBSD: session.c,v 1.342 2015/10/06 15:39:44 deraadt Exp $ */ /* * Copyright (c) 2003, 2004, 2005 Henning Brauer <henning@openbsd.org> @@ -219,7 +219,7 @@ session_main(int debug, int verbose) setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid)) fatal("can't drop privileges"); - if (tame("stdio inet cmsg", NULL) == -1) + if (tame("stdio inet recvfd", NULL) == -1) err(1, "tame"); signal(SIGTERM, session_sighdlr); diff --git a/usr.sbin/tcpdump/privsep.c b/usr.sbin/tcpdump/privsep.c index dc1ab16392b..c57053e68ef 100644 --- a/usr.sbin/tcpdump/privsep.c +++ b/usr.sbin/tcpdump/privsep.c @@ -1,4 +1,4 @@ -/* $OpenBSD: privsep.c,v 1.36 2015/10/03 00:51:08 deraadt Exp $ */ +/* $OpenBSD: privsep.c,v 1.37 2015/10/06 15:39:44 deraadt Exp $ */ /* * Copyright (c) 2003 Can Erkin Acar @@ -281,7 +281,7 @@ priv_init(int argc, char **argv) case PRIV_INIT_DONE: test_state(cmd, STATE_RUN); impl_init_done(socks[0], &bpfd); - if (tame("malloc cmsg inet ioctl dns rpath", NULL) == -1) + if (tame("stdio rpath inet unix ioctl dns recvfd", NULL) == -1) err(1, "tame"); break; case PRIV_GETHOSTBYADDR: |