authorderaadt <deraadt@openbsd.org>2015-05-18 11:57:52 +0000
committerderaadt <deraadt@openbsd.org>2015-05-18 11:57:52 +0000
commit8dd812e1ff7686a1e30c43dbcf1f0ba85388519f (patch)
treea76cb1f41b85ed71e336fbd4526d74e323b058c9
parentDo not change "rcvif" without goint through if_input() again otherwise (diff)
No longer need tricks with setvbuf(). Instead, we just give permission
to call fstat() and fcntl(). ok nicm
-rw-r--r--usr.bin/file/file.c3
-rw-r--r--usr.bin/file/sandbox.c11
2 files changed, 4 insertions, 10 deletions
diff --git a/usr.bin/file/file.c b/usr.bin/file/file.c
index 0c2707d9d8e..c6b3af73ea8 100644
--- a/usr.bin/file/file.c
+++ b/usr.bin/file/file.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: file.c,v 1.37 2015/04/28 02:26:43 lteo Exp $ */
+/* $OpenBSD: file.c,v 1.38 2015/05/18 11:57:52 deraadt Exp $ */
/*
* Copyright (c) 2015 Nicholas Marriott <nicm@openbsd.org>
@@ -186,7 +186,6 @@ main(int argc, char **argv)
}
if (magicfp == NULL)
err(1, "%s", magicpath);
- setvbuf(magicfp, NULL, _IOLBF, 0); /* stops stdio calling fstat */
parent = getpid();
if (socketpair(AF_UNIX, SOCK_STREAM, PF_UNSPEC, pair) != 0)
diff --git a/usr.bin/file/sandbox.c b/usr.bin/file/sandbox.c
index a4d42cf077f..5c6472d3622 100644
--- a/usr.bin/file/sandbox.c
+++ b/usr.bin/file/sandbox.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sandbox.c,v 1.4 2015/04/30 14:30:53 nicm Exp $ */
+/* $OpenBSD: sandbox.c,v 1.5 2015/05/18 11:57:52 deraadt Exp $ */
/*
* Copyright (c) 2015 Nicholas Marriott <nicm@openbsd.org>
@@ -42,6 +42,8 @@ static const struct
{ SYS_close, SYSTR_POLICY_PERMIT },
{ SYS_exit, SYSTR_POLICY_PERMIT },
+ { SYS_fcntl, SYSTR_POLICY_PERMIT },
+ { SYS_fstat, SYSTR_POLICY_PERMIT },
{ SYS_getdtablecount, SYSTR_POLICY_PERMIT },
{ SYS_getentropy, SYSTR_POLICY_PERMIT },
{ SYS_getpid, SYSTR_POLICY_PERMIT },
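Review bot: The new `SYS_fcntl` and `SYS_fstat` entries carry no comment saying why the sandboxed child needs them, while this same commit deletes the only explanation of the stdio interaction from sandbox_child(). I would add a line above them such as `/* fcntl, fstat: issued by stdio when it sets up stream buffering */`, which is what the commit message implies, so a later audit of the policy does not have to rediscover the reason. `SYSTR_POLICY_PERMIT` on fcntl presumably allows every fcntl command rather than only the one stdio issues, which is a wider grant than fstat. If the policy table cannot filter by argument, that accepted trade-off deserves a word in the same comment. The table these entries belong to starts and ends outside the hunk.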
@@ -78,13 +80,6 @@ sandbox_child(const char *user)
{
struct passwd *pw;
- /*
- * If we don't set stream buffering explicitly, stdio calls isatty()
- * which means ioctl() - too nasty to let through the systrace policy.
- */
- setvbuf(stdout, NULL, _IOLBF, 0);
- setvbuf(stderr, NULL, _IONBF, 0);
-
if (geteuid() == 0) {
pw = getpwnam(user);
if (pw == NULL)