CVSROOT: /cvs
Module name: src
Changes by: [email protected] 2026/03/02 09:15:29
Modified files:
sys/kern : kern_pledge.c
Log message:
Stop the canonicalization of the path in pledge_namei() callback since
we know is providing strictly normalized paths, and it leads to a subtle
problem a little bit like a TOCTOU. However, this pathcode can also be
reached by non-libc callers, so we need one validation step: the zoneinfo
sub-directory inspections may not attempt walks upwards through "..", we
don't need to consider symbolic links because root does not place them there.
>From discussions with david leadbeater, ok beck
