Hi,

upstream (greenwood) less has disabled history file support for secure
mode, i.e. LESSSECURE=1: https://github.com/gwsw/less/pull/201

The problem was about permanent marks for which we do not have support
anyway. Users could possibly access files they should not be able to.

Since upstream does not allow a history file in secure mode anymore, we
could do the same and remove wpath from the secure mode pledge.

I have added a note about the history file to our manual page.

Comments? Okays?


Tobias

Index: cmdbuf.c
===================================================================
RCS file: /cvs/src/usr.bin/less/cmdbuf.c,v
retrieving revision 1.20
diff -u -p -u -p -r1.20 cmdbuf.c
--- cmdbuf.c    2 Sep 2019 14:07:45 -0000       1.20
+++ cmdbuf.c    21 Sep 2021 20:16:08 -0000
@@ -20,6 +20,7 @@
 #include "cmd.h"
 #include "less.h"
 
+extern int secure;
 extern int sc_width;
 extern int utf_mode;
 
@@ -1203,6 +1204,8 @@ init_cmdhist(void)
        FILE *f;
        char *p;
 
+       if (secure)
+               return;
        filename = histfile_name();
        if (filename == NULL)
                return;
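Review bot: the new `if (secure) return;` at the top of init_cmdhist() carries no comment saying why history loading is skipped. A one-line comment stating that the history file is not used in secure mode would keep the guard from being dropped in a later cleanup, since nothing in the function itself explains it.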
@@ -1274,6 +1277,8 @@ save_cmdhist(void)
        struct stat statbuf;
        int r;
 
+       if (secure)
+               return;
        if (mlist_search.modified)
                modified = 1;
        if (mlist_shell.modified)
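Review bot: the early return added at the top of save_cmdhist() is now what makes the main.c pledge change safe, but nothing here records that dependency. With wpath removed from the secure-mode promise, opening a file for writing would abort the process, so a comment tying this guard to the pledge string would help. It is also worth confirming that save_cmdhist() was the only writer reachable when secure is set.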
Index: less.1
===================================================================
RCS file: /cvs/src/usr.bin/less/less.1,v
retrieving revision 1.57
diff -u -p -u -p -r1.57 less.1
--- less.1      2 Sep 2019 14:07:45 -0000       1.57
+++ less.1      21 Sep 2021 20:16:09 -0000
@@ -1697,6 +1697,8 @@ Use of lesskey files.
 .It Fl t
 Use of tags files.
 .It " "
+Use of history file.
+.It " "
 Metacharacters in filenames, such as "*".
 .It " "
 Filename completion (TAB, ^L).
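Review bot: the added list item "Use of history file." does not say that the file is both not read and not written in secure mode, which is what the cmdbuf.c guards in init_cmdhist() and save_cmdhist() implement. Wording such as "Reading and writing of the history file." would match the behaviour more closely.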
Index: main.c
===================================================================
RCS file: /cvs/src/usr.bin/less/main.c,v
retrieving revision 1.37
diff -u -p -u -p -r1.37 main.c
--- main.c      28 Jun 2019 05:44:09 -0000      1.37
+++ main.c      21 Sep 2021 20:16:09 -0000
@@ -91,7 +91,7 @@ main(int argc, char *argv[])
                secure = 1;
 
        if (secure) {
-               if (pledge("stdio rpath wpath tty", NULL) == -1) {
+               if (pledge("stdio rpath tty", NULL) == -1) {
                        perror("pledge");
                        exit(1);
                }
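Review bot: the pledge() call in the `if (secure)` branch drops wpath on the strength of the two cmdbuf.c guards alone, and the diff does not show that every other write path is already disabled in secure mode. Please confirm that before commit, and consider a comment next to the promise string noting that secure mode must never open files for writing, so a future feature does not reintroduce a write and trip the pledge at runtime.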
