CVSROOT: /cvs
Module name: src
Changes by: bry...@cvs.openbsd.org 2019/07/25 08:53:21
Modified files:
sbin/pflogd : pflogd.c
libexec/spamlogd: Makefile spamlogd.c
Log message:
Yet another workaround for crappy libpcap API design
Add an internal version of pcap_open_live that ensures bpf(4) devices
are opened read-only before locking. Neither pflogd(8) or spamlogd(8)
require write access to bpf(4). Inspired by similar solution in
OpenBSD tcpdump(8).
pflogd(8) was safe since being unveiled last year, but spamlogd(8)
was having /dev/bpf opened O_RDWR.
Issue discovered by bluhm@'s unveil(2) accounting commit.
ok deraadt@, mestre@ (thanks for testing spamlogd!)
