CVSROOT: /cvs
Module name: src
Changes by: dera...@cvs.openbsd.org 2025/06/18 07:50:02
Modified files:
lib/libc/asr : asr.c
Log message:
Periodic re-check of /etc/resolv.conf was done with stat(), then open(),
then parse. This is not a TOCTOU because there is no data dependency
problem.
However, this is intricately tied into an undocumented secret contract
between libc and kernel for pledge("dns"), where a pledge_namei() callback
checks which path & system call is doing the operation. I had to
add a SYS_stat check rather than relying on just the SYS_open check.
I prefer to be reduce the sneakiness.
In a year after statically-linked binaries have been replaced everywhere,
I can tighten the pledge_namei() check by removing the SYS_stat check.
ok dlg guenther florian
