Re: simple ifstated pledge

2017-07-24 Thread Sebastian Benoit 

ok benno@

Jeremie Courreges-Anglas(j...@wxcvbn.org) on 2017.07.23 02:10:35 +0200:
> On Sat, Jul 22 2017, Rob Pierce  wrote:
> > On Sun, Jul 23, 2017 at 12:26:53AM +0200, Jeremie Courreges-Anglas wrote:
> >> On Sat, Jul 22 2017, Rob Pierce  wrote:
> >> > With the most recent commit ifstated can now be pledged in a straight 
> >> > forward
> >> > manner. A better pledge is possible with more work.
> >> >
> >> > Does it make sense to get this one in now?
> >> 
> >> Regress tests pass.  I think this is the way to go.  ok jca@
> >
> > I just realized that we can do a stricter pledge with route instead of inet.
> 
> This sounds looks even better.
> 
> > Rob
> >
> > Index: ifstated.c
> > ===
> > RCS file: /cvs/src/usr.sbin/ifstated/ifstated.c,v
> > retrieving revision 1.53
> > diff -u -p -r1.53 ifstated.c
> > --- ifstated.c  22 Jul 2017 19:52:01 -  1.53
> > +++ ifstated.c  22 Jul 2017 23:36:15 -
> > @@ -159,6 +159,9 @@ main(int argc, char *argv[])
> > &rtfilter, sizeof(rtfilter)) == -1) /* not fatal */
> > log_warn("%s: setsockopt tablefilter", __func__);
> >  
> > +   if (pledge("stdio rpath route proc exec", NULL) == -1)
> > +   fatal("pledge");
> > +
> > signal_set(&sigchld_ev, SIGCHLD, sigchld_handler, NULL);
> > signal_add(&sigchld_ev, NULL);
> >  
> >
> 
> -- 
> jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF  DDCC 0DFA 74AE 1524 E7EE
>

Re: simple ifstated pledge

2017-07-22 Thread Jeremie Courreges-Anglas 
On Sat, Jul 22 2017, Rob Pierce  wrote:
> On Sun, Jul 23, 2017 at 12:26:53AM +0200, Jeremie Courreges-Anglas wrote:
>> On Sat, Jul 22 2017, Rob Pierce  wrote:
>> > With the most recent commit ifstated can now be pledged in a straight 
>> > forward
>> > manner. A better pledge is possible with more work.
>> >
>> > Does it make sense to get this one in now?
>> 
>> Regress tests pass.  I think this is the way to go.  ok jca@
>
> I just realized that we can do a stricter pledge with route instead of inet.

This sounds looks even better.

> Rob
>
> Index: ifstated.c
> ===
> RCS file: /cvs/src/usr.sbin/ifstated/ifstated.c,v
> retrieving revision 1.53
> diff -u -p -r1.53 ifstated.c
> --- ifstated.c22 Jul 2017 19:52:01 -  1.53
> +++ ifstated.c22 Jul 2017 23:36:15 -
> @@ -159,6 +159,9 @@ main(int argc, char *argv[])
>   &rtfilter, sizeof(rtfilter)) == -1) /* not fatal */
>   log_warn("%s: setsockopt tablefilter", __func__);
>  
> + if (pledge("stdio rpath route proc exec", NULL) == -1)
> + fatal("pledge");
> +
>   signal_set(&sigchld_ev, SIGCHLD, sigchld_handler, NULL);
>   signal_add(&sigchld_ev, NULL);
>  
>

-- 
jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF  DDCC 0DFA 74AE 1524 E7EE

Re: simple ifstated pledge

2017-07-22 Thread Rob Pierce 
On Sun, Jul 23, 2017 at 12:26:53AM +0200, Jeremie Courreges-Anglas wrote:
> On Sat, Jul 22 2017, Rob Pierce  wrote:
> > With the most recent commit ifstated can now be pledged in a straight 
> > forward
> > manner. A better pledge is possible with more work.
> >
> > Does it make sense to get this one in now?
> 
> Regress tests pass.  I think this is the way to go.  ok jca@

I just realized that we can do a stricter pledge with route instead of inet.

Rob

Index: ifstated.c
===
RCS file: /cvs/src/usr.sbin/ifstated/ifstated.c,v
retrieving revision 1.53
diff -u -p -r1.53 ifstated.c
--- ifstated.c  22 Jul 2017 19:52:01 -  1.53
+++ ifstated.c  22 Jul 2017 23:36:15 -
@@ -159,6 +159,9 @@ main(int argc, char *argv[])
&rtfilter, sizeof(rtfilter)) == -1) /* not fatal */
log_warn("%s: setsockopt tablefilter", __func__);
 
+   if (pledge("stdio rpath route proc exec", NULL) == -1)
+   fatal("pledge");
+
signal_set(&sigchld_ev, SIGCHLD, sigchld_handler, NULL);
signal_add(&sigchld_ev, NULL);

Re: simple ifstated pledge

2017-07-22 Thread Jeremie Courreges-Anglas 
On Sat, Jul 22 2017, Rob Pierce  wrote:
> With the most recent commit ifstated can now be pledged in a straight forward
> manner. A better pledge is possible with more work.
>
> Does it make sense to get this one in now?

Regress tests pass.  I think this is the way to go.  ok jca@

> Rob
>
> Index: ifstated.c
> ===
> RCS file: /cvs/src/usr.sbin/ifstated/ifstated.c,v
> retrieving revision 1.52
> diff -u -p -r1.52 ifstated.c
> --- ifstated.c21 Jul 2017 16:32:18 -  1.52
> +++ ifstated.c22 Jul 2017 03:58:23 -
> @@ -160,6 +160,9 @@ main(int argc, char *argv[])
>   &rtfilter, sizeof(rtfilter)) == -1) /* not fatal */
>   log_warn("%s: setsockopt tablefilter", __func__);
>  
> + if (pledge("stdio rpath inet proc exec", NULL) == -1)
> + fatal("pledge");
> +
>   signal_set(&sigchld_ev, SIGCHLD, sigchld_handler, NULL);
>   signal_add(&sigchld_ev, NULL);
>  
>

-- 
jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF  DDCC 0DFA 74AE 1524 E7EE

simple ifstated pledge

2017-07-21 Thread Rob Pierce 
With the most recent commit ifstated can now be pledged in a straight forward
manner. A better pledge is possible with more work.

Does it make sense to get this one in now?

Rob

Index: ifstated.c
===
RCS file: /cvs/src/usr.sbin/ifstated/ifstated.c,v
retrieving revision 1.52
diff -u -p -r1.52 ifstated.c
--- ifstated.c  21 Jul 2017 16:32:18 -  1.52
+++ ifstated.c  22 Jul 2017 03:58:23 -
@@ -160,6 +160,9 @@ main(int argc, char *argv[])
&rtfilter, sizeof(rtfilter)) == -1) /* not fatal */
log_warn("%s: setsockopt tablefilter", __func__);
 
+   if (pledge("stdio rpath inet proc exec", NULL) == -1)
+   fatal("pledge");
+
signal_set(&sigchld_ev, SIGCHLD, sigchld_handler, NULL);
signal_add(&sigchld_ev, NULL);