----- Original Message -----
> From: "Bryan Steele" <[email protected]>
> To: "tech" <[email protected]>
> Sent: Thursday, August 2, 2018 1:24:48 PM
> Subject: Re: please test: unveil for ifconfig
> On Thu, Aug 02, 2018 at 07:04:31PM +0200, Florian Obser wrote:
> > I have been told that this is going to fall into snaps soon. If you
> > are doing weird (or normal) things with ifconfig, please test.
> > In particular if you use rulefile.
> > Thanks!
> > diff --git ifconfig.c ifconfig.c
> > index 9bfb1751aab..873aed5bcc7 100644
> > --- ifconfig.c
> > +++ ifconfig.c
> > @@ -676,10 +676,13 @@ main(int argc, char *argv[])
> > int create = 0;
> > int Cflag = 0;
> > int gflag = 0;
> > + int found_rulefile = 0;
> > int i;
> > /* If no args at all, print all interfaces. */
> > if (argc < 2) {
> > + if (unveil(NULL, NULL) == -1)
> > + err(1, "unveil");
> > aflag = 1;
> > printif(NULL, 0);
> > return (0);
> > @@ -721,6 +724,18 @@ main(int argc, char *argv[])
> > } else if (strlcpy(name, *argv, sizeof(name)) >= IFNAMSIZ)
> > errx(1, "interface name '%s' too long", *argv);
> > argc--, argv++;
> > +
> > + for (i = 0; i < argc; i++) {
> > + if (strcmp(argv[0], "rulefile") == 0) {
> > + found_rulefile = 1;
> > + break;
> > + }
> > + }
> > +
> > + if (!found_rulefile)
> > + if (unveil(NULL, NULL) == -1)
> > + err(1, "unveil");
> > +
> > if (argc > 0) {
> > for (afp = rafp = afs; rafp->af_name; rafp++)
> > if (strcmp(rafp->af_name, *argv) == 0) {
> Are these the only two unveil(2) calls in ifconfig(8)? If not mistaken,
> unless you unveil something before the call to disable unveil, it never
> actually restricts access to the filesystem, instead you need:
> if (unveil("/", "") == -1)
> err(1, "unveil");
> if (unveil(NULL, NULL) == -1)
> err(1, "unveil");
> -Bryan.
Ah, yes. unveil(NULL, NULL) does not activate unveil. A recent man page update
captures this a little better.
I will test again. with your addition.
Rob
