author | doug <doug@openbsd.org> | 2015-10-16 05:55:23 +0000 |
committer | doug <doug@openbsd.org> | 2015-10-16 05:55:23 +0000 |
commit | 64e16a717d60d07e8b3d3342ff8f7486cc3c3140 (patch) | |
tree | df5f820772ed136433d515b9dd38226f73474859 /usr.sbin/identd | |
parent | Pledge for ftp(1) in non-interactive mode. (diff) | |
Pledge support for the parent/resolver in identd(8).
This limits the resolver to just "stdio getpw" or "stdio getpw rpath"
depending on whether ~/.noident files are checked.
The child/listener cannot use pledge yet because it calls a sysctl that
hasn't been whitelisted.
"commit" deraadt@
Diffstat (limited to 'usr.sbin/identd')
-rw-r--r-- | usr.sbin/identd/identd.c | 15 |
1 files changed, 14 insertions, 1 deletions
diff --git a/usr.sbin/identd/identd.c b/usr.sbin/identd/identd.c
index 2540844b673..57a8500b236 100644
--- a/usr.sbin/identd/identd.c
+++ b/usr.sbin/identd/identd.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: identd.c,v 1.31 2015/08/20 11:06:35 dlg Exp $ */
+/*	$OpenBSD: identd.c,v 1.32 2015/10/16 05:55:23 doug Exp $ */
 
 /*
  * Copyright (c) 2013 David Gwynne <dlg@openbsd.org>
@@ -314,6 +314,9 @@ main(int argc, char *argv[])
 		lerr(1, "signal(SIGPIPE)");
 
 	if (parent) {
+		if (pledge("stdio proc getpw rpath", NULL) == -1)
+			err(1, "pledge");
+
 		SIMPLEQ_INIT(&sc.parent.replies);
 
 		event_set(&proc_rd, sibling, EV_READ | EV_PERSIST,
@@ -343,6 +346,16 @@ main(int argc, char *argv[])
 		    setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid))
 			lerr(1, "unable to revoke privs");
 
+	if (parent) {
+		if (noident) {
+			if (pledge("stdio getpw rpath", NULL) == -1)
+				err(1, "pledge");
+		} else {
+			if (pledge("stdio getpw", NULL) == -1)
+				err(1, "pledge");
+		}
+	}
+
 	event_add(&proc_rd, NULL);
 	event_dispatch();
 	return (0);
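Review bot: The three new pledge failure paths report with `err(1, "pledge")` while every other fatal check visible in this part of main() — `lerr(1, "signal(SIGPIPE)")` above the first pledge and `lerr(1, "unable to revoke privs")` in the third hunk — goes through `lerr`, which presumably logs for a daemon that may no longer have a usable stderr; `lerr(1, "pledge");` in all three places keeps a pledge failure visible. The first pledge is also taken before the `setresuid(...)` privilege drop at the top of the third hunk with no promise named for that call; if pledge(2) at this version gates setresuid(2) behind a promise not in `"stdio proc getpw rpath"`, the parent would be killed there rather than reach the narrower pledge, so the ordering deserves a check against the kernel of the day. Only the commit message explains why the initial set is wider than the final one, so a comment on the first call such as `/* initial, broader pledge; narrowed to "stdio getpw" or "stdio getpw rpath" below once privileges are revoked */` would help the next reader. main() begins before the second hunk and its closing brace lies outside the third.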