CVSROOT: /cvs Module name: src Changes by: [email protected] 2019/04/30 11:05:15
Modified files:
usr.sbin/hotplugd: hotplugd.c
Log message:
Restrict filesystem access with unveil(2):
First it needs to open(2) `device' with read permissions, /dev/hotplug by
default but can be changed via arguments. Then it needs read/execute on both
_PATH_ETC_HOTPLUG_{ATTACH,DETACH} to access(2) and execl(3) them.
ok deraadt@
