authormestre <mestre@openbsd.org>2016-03-14 15:26:52 +0000
committermestre <mestre@openbsd.org>2016-03-14 15:26:52 +0000
commitf4cd975ed2f6401c6381f96b8b1be735564a72dc (patch)
tree9bda4714a2fd6cafe7a2cfe48ce29a0cccd3d0f3 /lib/libc
parent(char *)0 -> NULL (diff)
Remove doaccess variable and access(2) call since this interferes with
applications like zdump(8) because pledge(2) doesn't allow access(2) to /usr/share/zoneinfo. millert@ better described why this call can go away: "This looks like an attempt to do access checks based on the real uid instead of the effective uid. Basically for setuid programs we don't want to allow a user to set TZ to a path they should not be able to otherwise access. However, we already have a check for issetugid() above so I think the doaccess bits can just be removed and we can rely on open()." After discussion with tb@, deraadt@ and millert@, this was also OK'ed by them
Diffstat (limited to 'lib/libc')
-rw-r--r--lib/libc/time/localtime.c13
1 files changed, 2 insertions, 11 deletions
diff --git a/lib/libc/time/localtime.c b/lib/libc/time/localtime.c
index 94a3e3bd425..f05340db3b9 100644
--- a/lib/libc/time/localtime.c
+++ b/lib/libc/time/localtime.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: localtime.c,v 1.57 2015/12/12 21:25:44 mmcc Exp $ */
+/* $OpenBSD: localtime.c,v 1.58 2016/03/14 15:26:52 mestre Exp $ */
/*
** This file is in the public domain, so clarified as of
** 1996-06-05 by Arthur David Olson.
@@ -328,7 +328,6 @@ tzload(const char *name, struct state *sp, int doextend)
4 * TZ_MAX_TIMES];
} u_t;
u_t * up;
- int doaccess;
char fullname[PATH_MAX];
up = calloc(1, sizeof *up);
@@ -346,8 +345,7 @@ tzload(const char *name, struct state *sp, int doextend)
if (name[0] == ':')
++name;
- doaccess = name[0] == '/';
- if (!doaccess) {
+ if (name[0] != '/') {
if ((p = TZDIR) == NULL)
goto oops;
if ((strlen(p) + strlen(name) + 1) >= sizeof fullname)
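Review bot: Nothing in the code around `if (name[0] != '/')` now records why an absolute path, or a relative name containing "../" that resolves outside TZDIR, can go straight to open(). With the access(2) call removed in the last hunk, the only guard left is the issetugid() check that the commit message says sits earlier in tzload(), which lies outside these hunks. I would add a comment above the branch such as `/* name may be absolute or contain "../"; set-id processes are filtered by the issetugid() check above, so open() permissions are the only check needed here. */`. It is worth confirming that every path by which a TZ-derived name reaches tzload() passes through that issetugid() check, since a later refactor that moves or narrows it would reopen reads with the effective uid's privileges.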
@@ -355,15 +353,8 @@ tzload(const char *name, struct state *sp, int doextend)
strlcpy(fullname, p, sizeof fullname);
strlcat(fullname, "/", sizeof fullname);
strlcat(fullname, name, sizeof fullname);
- /*
- ** Set doaccess if '.' (as in "../") shows up in name.
- */
- if (strchr(name, '.') != NULL)
- doaccess = TRUE;
name = fullname;
}
- if (doaccess && access(name, R_OK) != 0)
- goto oops;
if ((fid = open(name, O_RDONLY)) == -1)
goto oops;