relayd: remove unveil to unbreak "check script"

Stuart Henderson Fri, 30 Aug 2019 09:46:56 -0700

---------------------
Date: 2019/04/24 20:13:49
Author: mestre
Branch: HEAD
Tag: (none) 
Log:
restrict filesystem access to read only on main process via unveil(2)


ok benno@ deraadt@

Members: 
        relayd.c:1.174->1.175 
---------------------

This breaks "check script". OK, or any better ideas?

Index: relayd.c
===================================================================
RCS file: /cvs/src/usr.sbin/relayd/relayd.c,v
retrieving revision 1.180
diff -u -p -r1.180 relayd.c
--- relayd.c    26 Jun 2019 12:13:47 -0000      1.180
+++ relayd.c    30 Aug 2019 16:44:57 -0000
@@ -223,11 +223,6 @@ main(int argc, char *argv[])
        if (ps->ps_noaction == 0)
                log_info("startup");
 
-       if (unveil("/", "r") == -1)
-               err(1, "unveil");
-       if (unveil(NULL, NULL) == -1)
-               err(1, "unveil");
-
        event_init();
 
        signal_set(&ps->ps_evsigint, SIGINT, parent_sig_handler, ps);

relayd: remove unveil to unbreak "check script"

Reply via email to