diff options
| author |   mestre <mestre@openbsd.org> | 2019-11-30 14:02:29 +0000 |
|---|---|---|
| committer | mestre <mestre@openbsd.org> | 2019-11-30 14:02:29 +0000 |
| commit | c8d17636e0afa56553e79077ab8f176a2310dc37 (patch) | |
| tree | 21b4590e725f979af3bc0808b1a55a7a4ce32af7 | |
| parent | After fork(2) the pledge(2) in the parent proc can be reduced to (diff) | |
| download | wireguard-openbsd-c8d17636e0afa56553e79077ab8f176a2310dc37.tar.xz wireguard-openbsd-c8d17636e0afa56553e79077ab8f176a2310dc37.zip | |
pcidump(8) only opens devices in O_RDONLY from /dev, and additionally writes a
`romfile' if -r is used, but since I'm only unveiling after that file is
actually opened there's no need to unveil it as well.
OK deraadt@ kn@
| -rw-r--r-- | usr.sbin/pcidump/pcidump.c | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/usr.sbin/pcidump/pcidump.c b/usr.sbin/pcidump/pcidump.c index 6f159bb9d6a..fd8034d9136 100644 --- a/usr.sbin/pcidump/pcidump.c +++ b/usr.sbin/pcidump/pcidump.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pcidump.c,v 1.55 2019/06/28 13:32:49 deraadt Exp $ */ +/* $OpenBSD: pcidump.c,v 1.56 2019/11/30 14:02:29 mestre Exp $ */ /* * Copyright (c) 2006, 2007 David Gwynne <loki@animata.net> @@ -188,6 +188,11 @@ main(int argc, char *argv[]) err(1, "%s", romfile); } + if (unveil("/dev", "r") == -1) + err(1, "unveil"); + if (unveil(NULL, NULL) == -1) + err(1, "unveil"); + if (hex > 1) size = 256; if (hex > 2) |