On Wed, Aug 08, 2018 at 11:26:52AM -0600, Florian Obser wrote: > CVSROOT: /cvs > Module name: src > Changes by: [email protected] 2018/08/08 11:26:52 > > Modified files: > sbin/ifconfig : ifconfig.c > > Log message: > ifconfig cannot be pledged because of its overwhelming amount of > used ioctls. Furthermore due to the way the command line parser is > written it is difficult to apply the traditional first initialize then > pledge pattern. > > unveil(2) gives us a different approach: > By veiling everything with unveil("/", "") and then locking down > unveil with unveil(NULL, NULL) we remove all filesystem access from > ifconfig kind of like giving a regular user a chroot without any > files. > > OK deraadt >
Forgot to mention: We need to special case rulefile since it takes a filename as parameter. So we scan all the args and if we find rulefile we don't do unveil at all. It should be possible to unveil argv+1, "r" but that has not been thought through. -- I'm not entirely sure you are real.
