diff options
| author |   mestre <mestre@openbsd.org> | 2018-08-04 11:07:14 +0000 |
|---|---|---|
| committer | mestre <mestre@openbsd.org> | 2018-08-04 11:07:14 +0000 |
| commit | bf3450a9cfcd43400ed9ded8f001b182d471a264 (patch) | |
| tree | eebea29fb6033a9302be64bf896bd829c3e60029 | |
| parent | Leave the control socket behind on shutdown. It doesn't hurt anyone. (diff) | |
| download | wireguard-openbsd-bf3450a9cfcd43400ed9ded8f001b182d471a264.tar.xz wireguard-openbsd-bf3450a9cfcd43400ed9ded8f001b182d471a264.zip | |
Revert back previous commit, we have decided that socket files don't cause any
harm if not deleted after the daemon is shutdown and at the same time we also
tackle another attack surface by not allowing the program to create/delete
any more files (by removing "cpath" promise from pledge(2)).
Discussion initiated by a question from deraadt@ OK florian@
| -rw-r--r-- | usr.sbin/ntpd/control.c | 9 | ||||
| -rw-r--r-- | usr.sbin/ntpd/ntpd.c | 5 | ||||
| -rw-r--r-- | usr.sbin/ntpd/ntpd.h | 3 |
3 files changed, 4 insertions, 13 deletions
diff --git a/usr.sbin/ntpd/control.c b/usr.sbin/ntpd/control.c index e726b8e574f..aa3b789768c 100644 --- a/usr.sbin/ntpd/control.c +++ b/usr.sbin/ntpd/control.c @@ -1,4 +1,4 @@ -/* $OpenBSD: control.c,v 1.12 2017/01/09 14:04:31 krw Exp $ */ +/* $OpenBSD: control.c,v 1.13 2018/08/04 11:07:14 mestre Exp $ */ /* * Copyright (c) 2003, 2004 Henning Brauer <henning@openbsd.org> @@ -99,13 +99,6 @@ control_shutdown(int fd) close(fd); } -void -control_cleanup(const char *path) -{ - if (path) - unlink(path); -} - int control_accept(int listenfd) { diff --git a/usr.sbin/ntpd/ntpd.c b/usr.sbin/ntpd/ntpd.c index aba1322392b..664fff4b2b6 100644 --- a/usr.sbin/ntpd/ntpd.c +++ b/usr.sbin/ntpd/ntpd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ntpd.c,v 1.114 2018/08/02 13:05:34 mestre Exp $ */ +/* $OpenBSD: ntpd.c,v 1.115 2018/08/04 11:07:14 mestre Exp $ */ /* * Copyright (c) 2003, 2004 Henning Brauer <henning@openbsd.org> @@ -244,7 +244,7 @@ main(int argc, char *argv[]) * Constraint processes are forked with certificates in memory, * then privdrop into chroot before speaking to the outside world. */ - if (pledge("stdio rpath cpath inet settime proc exec id", NULL) == -1) + if (pledge("stdio rpath inet settime proc exec id", NULL) == -1) err(1, "pledge"); while (quit == 0) { @@ -327,7 +327,6 @@ main(int argc, char *argv[]) msgbuf_clear(&ibuf->w); free(ibuf); - control_cleanup(CTLSOCKET); log_info("Terminating"); return (0); } diff --git a/usr.sbin/ntpd/ntpd.h b/usr.sbin/ntpd/ntpd.h index 30ef206b472..deaf2a9afa5 100644 --- a/usr.sbin/ntpd/ntpd.h +++ b/usr.sbin/ntpd/ntpd.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ntpd.h,v 1.135 2017/05/30 23:30:48 benno Exp $ */ +/* $OpenBSD: ntpd.h,v 1.136 2018/08/04 11:07:14 mestre Exp $ */ /* * Copyright (c) 2003, 2004 Henning Brauer <henning@openbsd.org> @@ -397,7 +397,6 @@ void ntp_dns(struct ntpd_conf *, struct passwd *); int control_init(char *); int control_listen(int); void control_shutdown(int); -void control_cleanup(const char *); int control_accept(int); struct ctl_conn *control_connbyfd(int); int control_close(int); |