diff options
author | deraadt <deraadt@openbsd.org> | 2015-10-13 15:43:19 +0000 |
---|---|---|
committer | deraadt <deraadt@openbsd.org> | 2015-10-13 15:43:19 +0000 |
commit | 5c94ac0a208933b6c3eb0fd2dadba23dbb0cc137 (patch) | |
tree | 22c3f89ec56954b1a0e572b1913f2c3c6c0d55e7 /usr.sbin/kvm_mkdb | |
parent | Convert ECParameters_dup() from a macro that uses ASN1_dup_of() into an (diff) | |
download | wireguard-openbsd-5c94ac0a208933b6c3eb0fd2dadba23dbb0cc137.tar.xz wireguard-openbsd-5c94ac0a208933b6c3eb0fd2dadba23dbb0cc137.zip |
oops, a chown appears late on the code. to satisfy this pledge
"stdio rpath wpath cpath getpw fattr proc" early on; "proc fattr"
allows doing work with other uids on the file. after opening the
db, do the chown (replace with fchown since we know fd) and then
pledge "stdio rpath"; "rpath" due to tmpfile rename() at the end.
mistake spotted by mpi
Diffstat (limited to 'usr.sbin/kvm_mkdb')
-rw-r--r-- | usr.sbin/kvm_mkdb/kvm_mkdb.c | 25 |
1 files changed, 16 insertions, 9 deletions
diff --git a/usr.sbin/kvm_mkdb/kvm_mkdb.c b/usr.sbin/kvm_mkdb/kvm_mkdb.c index 156cd5711c2..6fc60649ff1 100644 --- a/usr.sbin/kvm_mkdb/kvm_mkdb.c +++ b/usr.sbin/kvm_mkdb/kvm_mkdb.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kvm_mkdb.c,v 1.21 2015/10/12 16:01:53 deraadt Exp $ */ +/* $OpenBSD: kvm_mkdb.c,v 1.22 2015/10/13 15:43:19 deraadt Exp $ */ /*- * Copyright (c) 1990, 1993 @@ -75,7 +75,8 @@ main(int argc, char *argv[]) warn("can't set rlimit data size"); } - if (pledge("stdio rpath wpath cpath getpw", NULL) == -1) + /* getpwnam() and fchown() later */ + if (pledge("stdio rpath wpath cpath getpw fattr proc", NULL) == -1) err(1, "pledge"); strlcpy(dbdir, _PATH_VARDB, sizeof(dbdir)); @@ -163,6 +164,19 @@ kvm_mkdb(int fd, const char *dbdir, char *nlistpath, char *nlistname, warn("can't dbopen %s", dbtemp); return(1); } + + if ((gr = getgrnam("kmem")) == NULL) { + warn("can't find kmem group"); + } else if (fchown(db->fd(db), -1, gr->gr_gid)) { + warn("can't chown %s", dbtemp); + (void)unlink(dbtemp); + return(1); + } + + /* rename() later */ + if (pledge("stdio cpath", NULL) == -1) + err(1, "pledge"); + if (create_knlist(nlistpath, fd, db) != 0) { warn("cannot determine executable type of %s", nlistpath); (void)unlink(dbtemp); @@ -174,13 +188,6 @@ kvm_mkdb(int fd, const char *dbdir, char *nlistpath, char *nlistname, return(1); } - if ((gr = getgrnam("kmem")) == NULL) { - warn("can't find kmem group"); - } else if (chown(dbtemp, -1, gr->gr_gid)) { - warn("can't chown %s", dbtemp); - (void)unlink(dbtemp); - return(1); - } if (rename(dbtemp, dbname)) { warn("rename %s to %s", dbtemp, dbname); (void)unlink(dbtemp); |