Hi,
and of course this was also missing unveil(NULL, NULL). ok now?
this one opens the default table file "/usr/share/misc/usb_hid_usages" through
hid_start(3) from libusbhid, then `dev' (will have the fd used on the ioctls)
and finally `conf' which is the file with the actions to be monitored. `conf'
needs to be unveiled with read perms since usbhidaction(1) can run as daemon and
this file will be re-read if a SIGHUP is catched.
Index: usbhidaction.c
===================================================================
RCS file: /cvs/src/usr.bin/usbhidaction/usbhidaction.c,v
retrieving revision 1.23
diff -u -p -u -r1.23 usbhidaction.c
--- usbhidaction.c 28 Jun 2019 13:35:05 -0000 1.23
+++ usbhidaction.c 13 Dec 2021 15:13:32 -0000
@@ -164,6 +164,11 @@ main(int argc, char **argv)
isdemon = 1;
}
+ if (unveil(conf, "r") == -1)
+ err(1, "unveil %s", conf);
+ if (unveil(NULL, NULL) == -1)
+ err(1, "unveil");
+
for(;;) {
n = read(fd, buf, sz);
if (verbose > 2) {
