diff options
| author |   beck <beck@openbsd.org> | 2018-07-30 00:30:15 +0000 |
|---|---|---|
| committer | beck <beck@openbsd.org> | 2018-07-30 00:30:15 +0000 |
| commit | b7996f0bbcaa0720d74f718d16fef7312006fea3 (patch) | |
| tree | c5893df971057a65f0cce26c73769ddca666f307 /lib/libc | |
| parent | Allow for us to do a CREATE style lookup on a read only filesystem (diff) | |
| download | wireguard-openbsd-b7996f0bbcaa0720d74f718d16fef7312006fea3.tar.xz wireguard-openbsd-b7996f0bbcaa0720d74f718d16fef7312006fea3.zip | |
document the current limitation (we don't yet find an above covering
unveil for relative operations) that I am working on in BUGS
Diffstat (limited to 'lib/libc')
| -rw-r--r-- | lib/libc/sys/unveil.2 | 14 |
1 files changed, 12 insertions, 2 deletions
diff --git a/lib/libc/sys/unveil.2 b/lib/libc/sys/unveil.2 index 4c3a9b0ff8e..69dbd327dbf 100644 --- a/lib/libc/sys/unveil.2 +++ b/lib/libc/sys/unveil.2 @@ -1,4 +1,4 @@ -.\" $OpenBSD: unveil.2,v 1.6 2018/07/28 18:06:30 deraadt Exp $ +.\" $OpenBSD: unveil.2,v 1.7 2018/07/30 00:30:15 beck Exp $ .\" .\" Copyright (c) 2018 Bob Beck <beck@openbsd.org> .\" @@ -14,7 +14,7 @@ .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. .\" -.Dd $Mdocdate: July 28 2018 $ +.Dd $Mdocdate: July 30 2018 $ .Dt UNVEIL 2 .Os .Sh NAME @@ -155,6 +155,16 @@ was not accessible, or .Nm was called after it was locked. .El +.Sh BUGS +Filesystem lookups work today when they cross an +.Fn unveil +during +.Xr namei 9 lookup in the kernel. A program that +does relative operations below a higher +.Fn unveil +may currently not see the parts of the filesystem +underneath the high level unveil. This is actively +being worked on. .Sh HISTORY The .Fn unveil |