Re: please test: unveil for ifconfig

Thu, 02 Aug 2018 10:46:22 -0700 

----- Original Message -----
> From: "Rob Pierce" <r...@2keys.ca>
> To: "Bryan Steele" <bry...@gmail.com>
> Cc: "tech" <tech@openbsd.org>
> Sent: Thursday, August 2, 2018 1:30:15 PM
> Subject: Re: please test: unveil for ifconfig

> ----- Original Message -----
> > From: "Bryan Steele" <bry...@gmail.com>
> > To: "tech" <tech@openbsd.org>
> > Sent: Thursday, August 2, 2018 1:24:48 PM
> > Subject: Re: please test: unveil for ifconfig

> > On Thu, Aug 02, 2018 at 07:04:31PM +0200, Florian Obser wrote:
> > > I have been told that this is going to fall into snaps soon. If you
> > > are doing weird (or normal) things with ifconfig, please test.

> > > In particular if you use rulefile.

> > > Thanks!

> > > diff --git ifconfig.c ifconfig.c
> > > index 9bfb1751aab..873aed5bcc7 100644
> > > --- ifconfig.c
> > > +++ ifconfig.c
> > > @@ -676,10 +676,13 @@ main(int argc, char *argv[])
> > > int create = 0;
> > > int Cflag = 0;
> > > int gflag = 0;
> > > + int found_rulefile = 0;
> > > int i;

> > > /* If no args at all, print all interfaces. */
> > > if (argc < 2) {
> > > + if (unveil(NULL, NULL) == -1)
> > > + err(1, "unveil");
> > > aflag = 1;
> > > printif(NULL, 0);
> > > return (0);
> > > @@ -721,6 +724,18 @@ main(int argc, char *argv[])
> > > } else if (strlcpy(name, *argv, sizeof(name)) >= IFNAMSIZ)
> > > errx(1, "interface name '%s' too long", *argv);
> > > argc--, argv++;
> > > +
> > > + for (i = 0; i < argc; i++) {
> > > + if (strcmp(argv[0], "rulefile") == 0) {
> > > + found_rulefile = 1;
> > > + break;
> > > + }
> > > + }
> > > +
> > > + if (!found_rulefile)
> > > + if (unveil(NULL, NULL) == -1)
> > > + err(1, "unveil");
> > > +
> > > if (argc > 0) {
> > > for (afp = rafp = afs; rafp->af_name; rafp++)
> > > if (strcmp(rafp->af_name, *argv) == 0) {

> > Are these the only two unveil(2) calls in ifconfig(8)? If not mistaken,
> > unless you unveil something before the call to disable unveil, it never
> > actually restricts access to the filesystem, instead you need:

> > if (unveil("/", "") == -1)
> > err(1, "unveil");
> > if (unveil(NULL, NULL) == -1)
> > err(1, "unveil");

> > -Bryan.

> Ah, yes. unveil(NULL, NULL) does not activate unveil. A recent man page update
> captures this a little better.

> I will test again. with your addition.

> Rob

ifstated regress passes with modified unveil calls.

They are pretty basic use cases though.

Rob

Reply via email to