----- Original Message ----- > From: "Rob Pierce" <r...@2keys.ca> > To: "Bryan Steele" <bry...@gmail.com> > Cc: "tech" <tech@openbsd.org> > Sent: Thursday, August 2, 2018 1:30:15 PM > Subject: Re: please test: unveil for ifconfig
> ----- Original Message ----- > > From: "Bryan Steele" <bry...@gmail.com> > > To: "tech" <tech@openbsd.org> > > Sent: Thursday, August 2, 2018 1:24:48 PM > > Subject: Re: please test: unveil for ifconfig > > On Thu, Aug 02, 2018 at 07:04:31PM +0200, Florian Obser wrote: > > > I have been told that this is going to fall into snaps soon. If you > > > are doing weird (or normal) things with ifconfig, please test. > > > In particular if you use rulefile. > > > Thanks! > > > diff --git ifconfig.c ifconfig.c > > > index 9bfb1751aab..873aed5bcc7 100644 > > > --- ifconfig.c > > > +++ ifconfig.c > > > @@ -676,10 +676,13 @@ main(int argc, char *argv[]) > > > int create = 0; > > > int Cflag = 0; > > > int gflag = 0; > > > + int found_rulefile = 0; > > > int i; > > > /* If no args at all, print all interfaces. */ > > > if (argc < 2) { > > > + if (unveil(NULL, NULL) == -1) > > > + err(1, "unveil"); > > > aflag = 1; > > > printif(NULL, 0); > > > return (0); > > > @@ -721,6 +724,18 @@ main(int argc, char *argv[]) > > > } else if (strlcpy(name, *argv, sizeof(name)) >= IFNAMSIZ) > > > errx(1, "interface name '%s' too long", *argv); > > > argc--, argv++; > > > + > > > + for (i = 0; i < argc; i++) { > > > + if (strcmp(argv[0], "rulefile") == 0) { > > > + found_rulefile = 1; > > > + break; > > > + } > > > + } > > > + > > > + if (!found_rulefile) > > > + if (unveil(NULL, NULL) == -1) > > > + err(1, "unveil"); > > > + > > > if (argc > 0) { > > > for (afp = rafp = afs; rafp->af_name; rafp++) > > > if (strcmp(rafp->af_name, *argv) == 0) { > > Are these the only two unveil(2) calls in ifconfig(8)? If not mistaken, > > unless you unveil something before the call to disable unveil, it never > > actually restricts access to the filesystem, instead you need: > > if (unveil("/", "") == -1) > > err(1, "unveil"); > > if (unveil(NULL, NULL) == -1) > > err(1, "unveil"); > > -Bryan. > Ah, yes. unveil(NULL, NULL) does not activate unveil. A recent man page update > captures this a little better. > I will test again. with your addition. > Rob ifstated regress passes with modified unveil calls. They are pretty basic use cases though. Rob