Decouple unveil from the pledge flags, by adding dedicated unveil flags

to the namei args. This fixes a bug where chmod would be allowed when with only READ. This also allows some further cleanup of some awkward things like PLEDGE_STAT that will follow Lots of assistence from semarie@ - thanks! ok semarie@
author: beck <beck@openbsd.org> 2018-08-05 14:23:57 +0000
committer: beck <beck@openbsd.org> 2018-08-05 14:23:57 +0000
commit: e1a6e22610ac903571d6f6d9b3fe485ff45b5a75 (patch)
tree: 93f7c3ebd3d691ab4cf4f536d1a6322f766718a7 /sys/kern/tty.c
parent: Remove unnecessary NULL check from get_cert_by_subject since (diff)
download: wireguard-openbsd-e1a6e22610ac903571d6f6d9b3fe485ff45b5a75.tar.xz
wireguard-openbsd-e1a6e22610ac903571d6f6d9b3fe485ff45b5a75.zip
1 files changed, 2 insertions, 1 deletions
diff --git a/sys/kern/tty.c b/sys/kern/tty.c
index 3c380146368..64937306f00 100644
--- a/sys/kern/tty.c
+++ b/sys/kern/tty.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: tty.c,v 1.141 2018/06/16 13:55:03 deraadt Exp $	*/
+/*	$OpenBSD: tty.c,v 1.142 2018/08/05 14:23:57 beck Exp $	*/
 /*	$NetBSD: tty.c,v 1.68.4.2 1996/06/06 16:04:52 thorpej Exp $	*/
 
 /*-
@@ -792,6 +792,7 @@ ttioctl(struct tty *tp, u_long cmd, caddr_t data, int flag, struct proc *p)
 			/* ensure user can open the real console */
 			NDINIT(&nid, LOOKUP, FOLLOW, UIO_SYSSPACE, "/dev/console", p);
 			nid.ni_pledge = PLEDGE_RPATH | PLEDGE_WPATH;
+			nid.ni_unveil = UNVEIL_READ | UNVEIL_WRITE;
 			error = namei(&nid);
 			if (error)
 				return (error);
author	beck <beck@openbsd.org>	2018-08-05 14:23:57 +0000
committer	beck <beck@openbsd.org>	2018-08-05 14:23:57 +0000
commit	e1a6e22610ac903571d6f6d9b3fe485ff45b5a75 (patch)
tree	93f7c3ebd3d691ab4cf4f536d1a6322f766718a7 /sys/kern/tty.c
parent	Remove unnecessary NULL check from get_cert_by_subject since (diff)
download	wireguard-openbsd-e1a6e22610ac903571d6f6d9b3fe485ff45b5a75.tar.xz wireguard-openbsd-e1a6e22610ac903571d6f6d9b3fe485ff45b5a75.zip