Re: Add pledge(2) for rebound(8)'s parent proc

2017-06-16 Thread Ricardo Mestre 
Ugh! :\ You're right, and that sysctl is not allowed by pledge(2).

Please disregard this diff.

On 18:00 Fri 16 Jun , Sebastien Marie wrote:
> On Fri, Jun 16, 2017 at 03:53:09PM +0100, Ricardo Mestre wrote:
> > Hi tech@
> > 
> > rebound(8)'s parent proc doesn't seem to need much permissions to do what it
> > needs, here is the pledge for the parent for the following promises:
> > 
> > rpath: reload the configuration at reexec time (see below)
> > proc/exec: needed to reexec itself and kill child if needed
> > 
> 
> rebound will not be able to restore dnsjacking on exit.
> 
> there is an atexit() call with resetport function.
> 
> At exit, the function should be able to set { CTL_KERN, KERN_DNSJACKPORT },
> and it will not be able to do that if pledged.
> 
> -- 
> Sebastien Marie

Re: Add pledge(2) for rebound(8)'s parent proc

2017-06-16 Thread Sebastien Marie 
On Fri, Jun 16, 2017 at 03:53:09PM +0100, Ricardo Mestre wrote:
> Hi tech@
> 
> rebound(8)'s parent proc doesn't seem to need much permissions to do what it
> needs, here is the pledge for the parent for the following promises:
> 
> rpath: reload the configuration at reexec time (see below)
> proc/exec: needed to reexec itself and kill child if needed
> 

rebound will not be able to restore dnsjacking on exit.

there is an atexit() call with resetport function.

At exit, the function should be able to set { CTL_KERN, KERN_DNSJACKPORT },
and it will not be able to do that if pledged.

-- 
Sebastien Marie

Add pledge(2) for rebound(8)'s parent proc

2017-06-16 Thread Ricardo Mestre 
Hi tech@

rebound(8)'s parent proc doesn't seem to need much permissions to do what it
needs, here is the pledge for the parent for the following promises:

rpath: reload the configuration at reexec time (see below)
proc/exec: needed to reexec itself and kill child if needed

Comments? OK?

Index: rebound.c
===
RCS file: /cvs/src/usr.sbin/rebound/rebound.c,v
retrieving revision 1.84
diff -u -p -u -r1.84 rebound.c
--- rebound.c   31 May 2017 04:52:11 -  1.84
+++ rebound.c   16 Jun 2017 14:07:40 -
@@ -996,5 +996,8 @@ main(int argc, char **argv)
logerr("daemon: %s", strerror(errno));
daemonized = 1;
 
+   if (pledge("stdio rpath proc exec", NULL) == -1)
+   logerr("pledge failed");
+
return monitorloop(ud, ld, ud6, ld6, confname);
 }