On Fri, Nov 29, 2019 at 11:06:45AM +0000, Ricardo Mestre wrote:
> Hi,
>
> After fork(2) the main proc needs rpath for {l,}stat/open and sendfd for
> imsg_* to send fds to the child proc which is already pledged by recvfd to
> receive them.
>
> Still passes regress tests, OK?
>
> Index: file.c
> ===================================================================
> RCS file: /cvs/src/usr.bin/file/file.c,v
> retrieving revision 1.68
> diff -u -p -u -r1.68 file.c
> --- file.c 5 Feb 2019 02:17:32 -0000 1.68
> +++ file.c 29 Nov 2019 11:03:47 -0000
> @@ -207,6 +207,9 @@ main(int argc, char **argv)
> }
> close(pair[1]);
>
> + if (pledge("stdio rpath sendfd", NULL) == -1)
> + err(1, "pledge");
> +
> fclose(magicfp);
> magicfp = NULL;
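Review bot: the added pledge("stdio rpath sendfd", NULL) call after close(pair[1]) carries no comment saying why the parent keeps each promise. The reasoning (rpath for {l,}stat/open, sendfd for passing descriptors to the child over imsg) exists only in the mail. A one-line comment above the call, for example /* parent: rpath for {l,}stat/open, sendfd to pass fds to child */, would stop a later change from dropping or widening a promise without knowing what depends on it. The only following lines visible here are fclose(magicfp) and the NULL assignment, which stdio covers. It is worth confirming that the rest of main() past this hunk needs nothing beyond these three promises.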
Nice catch, indeed the parent can reduce pledge(2) here. Works fine as
normal user and with root privdrop.
ok brynet@