author | 2015-10-06 03:25:02 +0000 | |
---|---|---|
committer | 2015-10-06 03:25:02 +0000 | |
commit | d2f658a972cf4ff38f61aa9d796b3cb471034bb1 (patch) | |
tree | c3add9e679550c7337961bda9e831413b773868b /usr.bin/write/write.c | |
parent | adapt to recent sshkey_parse_private_fileblob() API change (diff) | |
download | wireguard-openbsd-d2f658a972cf4ff38f61aa9d796b3cb471034bb1.tar.xz wireguard-openbsd-d2f658a972cf4ff38f61aa9d796b3cb471034bb1.zip |
unfortunately tame "stdio" can only happen well after the sequence of:
utmp parsing, tty opening, setresgid to drop privs. it only protects
a basic io loop.
discussed with doug
Diffstat (limited to 'usr.bin/write/write.c')
-rw-r--r-- | usr.bin/write/write.c | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/usr.bin/write/write.c b/usr.bin/write/write.c index 1f7f10a2474..d239d27482c 100644 --- a/usr.bin/write/write.c +++ b/usr.bin/write/write.c @@ -1,4 +1,4 @@ -/* $OpenBSD: write.c,v 1.29 2015/10/05 07:09:46 deraadt Exp $ */ +/* $OpenBSD: write.c,v 1.30 2015/10/06 03:25:02 deraadt Exp $ */ /* $NetBSD: write.c,v 1.5 1995/08/31 21:48:32 jtc Exp $ */ /* @@ -246,6 +246,13 @@ do_write(char *tty, char *mytty, uid_t myuid) if (setresgid(gid, gid, gid) == -1) err(1, "setresgid"); + /* + * Unfortunately this is rather late - well after utmp + * parsing, then pinned by the tty open and setresgid + */ + if (tame("stdio", NULL) == -1) + err(1, "tame"); + (void)signal(SIGINT, done); (void)signal(SIGHUP, done); |
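Review bot: In do_write(), the new tame("stdio", NULL) call sits before the two signal(..., done) registrations, so the done handler and everything after this point run with only the "stdio" promise. Please confirm that done and the remaining write loop need nothing beyond stdio, because the err(1, "tame") check only covers the call itself failing. The added comment says the call is "rather late" but does not say what that costs: utmp parsing, the tty open and setresgid all run before any restriction applies. Carrying the commit message's point into the comment (that this only protects the basic io loop) would make the limit visible to whoever reads the code next.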