prevent users from playing hardlink/symlink/mkfifo games with their offline - wireguard-openbsd - WireGuard implementation for the OpenBSD kernel

diff options

author	gilles <gilles@openbsd.org>	2015-10-02 00:37:53 +0000
committer	gilles <gilles@openbsd.org>	2015-10-02 00:37:53 +0000
commit	cb6e8661a8f91540360973f77bc4d4302abecfa2 (patch)
tree	0f4a8aad21e2280081bdf32416f014d24702038a /usr.bin/ssh/sandbox-systrace.c
parent	introduce imsg_read_nofd() to allow reading imsg while discarding fd's when (diff)
download	wireguard-openbsd-cb6e8661a8f91540360973f77bc4d4302abecfa2.tar.xz wireguard-openbsd-cb6e8661a8f91540360973f77bc4d4302abecfa2.zip

prevent users from playing hardlink/symlink/mkfifo games with their offline

messages and ~/.forward files. this allowed a local user to hang smtpd or even reset chflags and read first line of any arbitrary file. while at it, do not fatal() on unexpected cause of SIGCHLD as this allows a specially crafted mda to cause smtpd to exit. reporte by Qualys Security

Diffstat (limited to 'usr.bin/ssh/sandbox-systrace.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: