author deraadt <deraadt@openbsd.org> 2015-10-03 02:22:38 +0000
committer deraadt <deraadt@openbsd.org> 2015-10-03 02:22:38 +0000
commit 4ce763af9e173c9db3a57d3e807b17b9017a5800 (patch)
tree ea8ea97a052f54eaaa4c216b79b0bdb48193f73f /usr.bin/patch/patch.c
parent uniq has a complicated initialization around getopt. beforehands, we (diff)
like ping, traceroute is a setuid root priv-drop which holds a sockraw.
we can tame it substantially with "stdio inet", plus "dns" if the -n option is missing. a successful exploit against it then cannot create files, or perform a variety of other operations, as described in the tame(2) man page. florian helped me a fair bit hoisting initialization code upwards in ping, ping6, and traceroute, to make tame work here.
Diffstat (limited to 'usr.bin/patch/patch.c')
0 files changed, 0 insertions, 0 deletions