thanks, we have removed the wpath promise from pledge(2) on lndir(1)
On 20:19 Thu 05 Mar , shankarapailoor . wrote:
> Hi,
>
> I am using Openbsd 6.5 and noticed that the pledge policy for lndir
> includes wpath but I don't see why this group is necessary. I have removed
> the group and recompiled the binary and it seems to run fine with the test
> script below.
>
> #!/bin/ksh
>
> mkdir -p /home/dir1/subdir1
> mkdir /home/dir2
> mkdir /home/dir3
> mkdir -p /home/dir4/subdir
> touch /home/dir1/exception
> ./lndir /home/dir1 /home/dir2
> ./lndir -e /home/dir1/exception /home/dir1 /home/dir2
> ./lndir -i /home/dir4/ /home/dir3
> ./lndir -s /home/dir4/ /home/dir3
> rm -r /home/dir1 /home/dir2 /home/dir3 /home/dir4
>
> I don't see any environment variables in libc that should be toggled to do
> further testing. Any assistance would be appreciated but in the mean time I
> will continue to do testing.
>
> I have also statically analyzed lndir (including libc) and I can't find an
> open-write or openat-write anywhere.
>
> Regards,
> Shankara Pailoor
