Hello,
This morning I was surprised to see a who(1) unveil violation in a
lastcomm(1) report, so I looked into it and found that when requesting
show_idle (-u flag) or show_term (-T flag), we indeed try to read
_PATH_DEV, which isn't unveiled yet.
I'm not an unveil(2) expert, and there might be a better way to handle
this, but I confirmed this fixes both case 0 (no file arg) and case 1
(e.g. `who -u /var/log/wtmp`). Tested on a -current snapshot from
yesterday, as well as on an up-to-date 6.7-stable box.
Cheers,
David
===
--- who.c.orig Thu Aug 27 06:24:18 2020
+++ who.c Thu Aug 27 06:40:52 2020
@@ -124,6 +124,10 @@
if (unveil(_PATH_UTMP, "r") == -1)
err(1, "unveil");
+ if (show_term || show_idle) {
+ if (unveil(_PATH_DEV, "r") == -1)
+ err(1, "unveil");
+ }
switch (argc) {
case 0: /* who */
if (pledge("stdio rpath getpw", NULL) == -1)
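Review bot: the added unveil(_PATH_DEV, "r") call in the show_term || show_idle block fails with the same err(1, "unveil") message as the _PATH_UTMP call directly above it, so the error does not say which path was refused. Consider err(1, "unveil %s", _PATH_DEV) here, and the matching form for the _PATH_UTMP call. The block also opens the whole of _PATH_DEV for read, so a one-line comment stating that the -T and -u code paths are what need it would document why the wider view is only granted conditionally.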