On Thu, Apr 23, 2020 at 11:20:45AM +0200, Hiltjo Posthuma wrote:
> > beta$ ps ax | grep unveiltest
> > 40907 pg S+U 0:00.01 ./unveiltest
> > 40013 ph R+/2 0:00.00 grep unveiltest
<some cut>
> Hi,
>
> Below the quoted part it says in the man page:
>
> " After establishing a collection of path and permissions rules, future
> calls to unveil() can be disabled by passing two NULL arguments.
> Alternatively, pledge(2) may be used to remove the "unveil" promise."
>
> So you could use the code:
>
> if (unveil("/", "") == -1)
> err(1, "unveil");
> if (unveil(NULL, NULL) == -1)
> err(1, "unveil");
>
> For example see netcat, vmstat.
>
> By the way, maybe it's intentional but perror does not exit the program. The
> often used pattern is to use:
>
> err(1, "unveil");
>
> --
> Kind regards,
> Hiltjo
>
Oh, I see, so passing a blank ("") unveil creates that! OK! Thank you!
I have another problem I was hoping you'd be able to shed light on. I'm
not sure if it's a bug or not. I have extended the program a little, here
it is:
---------->
#include <sys/types.h>
#include <unistd.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <err.h>

/* Compile-time switches for the individual steps under test. */
#define SETPROCTITLE 1
#define CHROOT 1
#define SETGROUPS 1
#define WITH_PLEDGE 1
#define WITH_PARENTPLEDGE 1

void func(void);

int
main(void)
{
	pid_t pid;
	gid_t group;

	pid = fork();
	switch (pid) {
	case -1:
		err(1, "fork");
	case 0:
		/* child: restrict itself step by step */
#if SETPROCTITLE
		setproctitle("peter was here");
#endif
#if CHROOT
		if (chroot("/tmp") == -1)
			err(1, "chroot");
		if (chdir("/") == -1)
			err(1, "chdir");
#endif
#if SETGROUPS
		group = 1000;
		if (setgroups(1, &group) == -1) {
			err(1, "setgroups");
		}
		if (setresgid(1000, 1000, 1000) == -1)
			err(1, "setresgid");
		if (setresuid(1000, 1000, 1000) == -1)
			err(1, "setresuid");
#endif
		/* hide everything, then lock the unveil set */
		if (unveil("/", "") == -1)
			err(1, "unveil");
		if (unveil(NULL, NULL) == -1)
			err(1, "unveil");
#if WITH_PLEDGE
		if (pledge("stdio", NULL) == -1)
			err(1, "pledge");
#endif
		func();
		exit(1);
	default:
		break;
	}
	/* parent */
#if WITH_PARENTPLEDGE
	if (pledge("stdio id proc cpath rpath unveil", NULL) == -1) {
		err(1, "pledge");
	}
#endif
	for (;;)
		sleep(1);
}

void
func(void)
{
	int fd;

	for (;;) {
#if 0
		if ((fd = open("/etc/motd", O_RDONLY, 0)) < 0)
			perror("open");
		else
			close(fd);
#endif
		sleep(1);
	}
}
<----------
Watch what happens when you set WITH_PLEDGE to 0 and back to 1 in a ps.
It loses the U flag in a ps ax. I've been chasing this condition for a
while now; I think it's a kernel bug. Can you concur, or is my system odd?
WITH_PLEDGE set to 1:
beta$ ps ax | grep unveiltest
24089 p7 S+p 0:00.01 ./unveiltest
63901 p7 S+p 0:00.01 unveiltest: peter was here (unveiltest)
WITH_PLEDGE set to 0:
beta$ ps ax | grep unveiltest
87932 p7 S+p 0:00.19 ./unveiltest
74818 p7 S+U 0:00.00 unveiltest: peter was here (unveiltest)
I'm basically copying out the functions of a program of mine here in an
effort to see a U flag on the processes.
Best regards,
-peter
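The sequence Hiltjo describes (install unveil rules, seal them with unveil(NULL, NULL), then pledge without the "unveil" promise) as a small helper, written here as an added example; it is not code from either poster. unveil(2) and pledge(2) exist only on OpenBSD, so on other hosts the file substitutes no-op stubs (an assumption made purely so the ordering logic builds elsewhere; they restrict nothing). The rule list, the "stdio rpath" promise string and the error-stage enum are constructed for the example.

```c
#include <errno.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

/* Stubs for non-OpenBSD hosts (assumption: they succeed and do nothing). */
#ifndef __OpenBSD__
static int
unveil(const char *path, const char *permissions)
{
	(void)path; (void)permissions;
	return 0;
}
static int
pledge(const char *promises, const char *execpromises)
{
	(void)promises; (void)execpromises;
	return 0;
}
#endif

struct unveil_rule {
	const char *path;	/* path the process may still reach */
	const char *perms;	/* unveil permission string, e.g. "r" */
};

/* Which step failed, or LOCK_OK. */
enum lock_stage { LOCK_OK = 0, LOCK_POLICY, LOCK_RULE, LOCK_SEAL, LOCK_PLEDGE };

int demo_last_errno;	/* errno captured by demo_lock_down() */

/*
 * Returns 1 if the promise string still carries "unveil" as a whole token.
 * Once the set is sealed, further unveil() calls fail anyway, so keeping
 * the promise only makes the pledge wider than it needs to be.
 */
int
promises_keep_unveil(const char *promises)
{
	const char *start;

	while (*promises != '\0') {
		while (*promises == ' ')
			promises++;
		start = promises;
		while (*promises != '\0' && *promises != ' ')
			promises++;
		if (promises - start == 6 && strncmp(start, "unveil", 6) == 0)
			return 1;
	}
	return 0;
}

/*
 * Install the rules, seal the unveil set, then pledge.  On failure the
 * return value names the step and *saved_errno holds the errno.
 */
enum lock_stage
lock_down(const struct unveil_rule *rules, size_t nrules,
    const char *promises, int *saved_errno)
{
	size_t i;

	if (promises_keep_unveil(promises)) {
		*saved_errno = EINVAL;	/* policy: no "unveil" after sealing */
		return LOCK_POLICY;
	}
	for (i = 0; i < nrules; i++) {
		if (unveil(rules[i].path, rules[i].perms) == -1) {
			*saved_errno = errno;
			return LOCK_RULE;
		}
	}
	/* Seal: from here on any unveil() call fails, so the set cannot widen. */
	if (unveil(NULL, NULL) == -1) {
		*saved_errno = errno;
		return LOCK_SEAL;
	}
	if (pledge(promises, NULL) == -1) {
		*saved_errno = errno;
		return LOCK_PLEDGE;
	}
	return LOCK_OK;
}

/* Constructed rule set: read-only access to /etc/motd and nothing else. */
enum lock_stage
demo_lock_down(void)
{
	static const struct unveil_rule rules[] = { { "/etc/motd", "r" } };

	return lock_down(rules, sizeof(rules) / sizeof(rules[0]),
	    "stdio rpath", &demo_last_errno);
}

int
main(void)
{
	enum lock_stage st = demo_lock_down();

	if (st != LOCK_OK) {
		fprintf(stderr, "lockdown failed at step %d: %s\n",
		    (int)st, strerror(demo_last_errno));
		return 1;
	}
	printf("unveil set sealed, pledged \"stdio rpath\"\n");
	return 0;
}
```

The policy check is the part worth keeping in a real program: after unveil(NULL, NULL) the "unveil" promise buys nothing, so a promise string that still lists it (like the parent's "stdio id proc cpath rpath unveil" above) is rejected before any syscall is made, and the stage value tells you exactly which call refused.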