We are using pledge so if you don't remove the unveil permission it will be
allowed throughout the entire process, so please just change unveil(NULL, NULL)
to the old previous pledge("stdio rpath wpath cpath fattr sendfd").

Thank you :)

On 12:29 Thu 04 Aug, Claudio Jeker wrote:
> On Thu, Aug 04, 2022 at 12:24:03PM +0200, Theo Buehler wrote:
> > On Thu, Aug 04, 2022 at 12:11:45PM +0200, Claudio Jeker wrote:
> > > This diff adds unveil to the main process. This is done after all files
> > > from the command line have been read. Both for regular and -f mode.
> > > Once the args have been read the process can limit the access to the
> > > cachedir and the output dir. In -f mode only read access to the cachedir is
> > > required. In regular both cachedir and outputdir need rwc rights.
> > 
> > 
> > > 
> > > -- 
> > > :wq Claudio
> > > 
> > > Index: main.c
> > > ===================================================================
> > > RCS file: /cvs/src/usr.sbin/rpki-client/main.c,v
> > > retrieving revision 1.208
> > > diff -u -p -r1.208 main.c
> > > --- main.c        27 Jun 2022 10:18:27 -0000      1.208
> > > +++ main.c        28 Jul 2022 16:57:16 -0000
> > > @@ -1006,8 +1006,7 @@ main(int argc, char *argv[])
> > >           signal(SIGALRM, suicide);
> > >   }
> > >  
> > > - /* TODO unveil cachedir and outputdir, no other access allowed */
> > > - if (pledge("stdio rpath wpath cpath fattr sendfd", NULL) == -1)
> > > + if (pledge("stdio rpath wpath cpath fattr sendfd unveil", NULL) == -1)
> > >           err(1, "pledge");
> > >  
> > >   msgbuf_init(&procq);
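Review bot: The new pledge() line adds "unveil" to the promise string while the TODO comment above it is deleted with no replacement, so nothing at this call site records how long the promise is meant to last. A one-line comment above the pledge() call, saying that "unveil" is kept only until cachedir and outputdir have been unveiled and how it is closed off afterwards, would keep that intent visible to the next reader.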
> > > @@ -1049,6 +1048,18 @@ main(int argc, char *argv[])
> > >           while (*argv != NULL)
> > >                   queue_add_file(*argv++, RTYPE_FILE, 0);
> > >   }
> > 
> > This brace ends an if (filemode) block. I'm wondering if this would not
> > be cleaner:
> > 
> >     if (filemode) {
> >             while (*argv != NULL)
> >                     queue_add_file(*argv++, RTYPE_FILE, 0);
> > 
> >             if (unveil(cachedir, "r") == -1)
> >                     err(1, "unveil cachedir");
> >     } else {
> >             if (unveil(outputdir, "rwc") == -1)
> >                     err(1, "unveil outputdir");
> >             if (unveil(cachedir, "rwc") == -1)
> >                     err(1, "unveil cachedir");
> >     }
> >     if (unveil(NULL, NULL) == -1)
> >             err(1, "unveil");
> > 
> > Either way ok
> 
> Sure, good suggestion. Will commit that version.
> 
> -- 
> :wq Claudio
> 
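Added example, not part of the thread and not rpki-client code: the mode-dependent unveil rules discussed above, closed off by re-pledging without "unveil" (the variant the top reply asks for) instead of calling unveil(NULL, NULL). The names veil_plan, lock_down, struct veil and the PROMISES_* macros are hypothetical; the promise strings and permissions are the ones quoted in the thread.

```c
#include <string.h>
#ifdef __OpenBSD__
#include <err.h>
#include <unistd.h>
#endif

/* Promise strings as quoted in the thread. */
#define PROMISES_SETUP "stdio rpath wpath cpath fattr sendfd unveil"
#define PROMISES_FINAL "stdio rpath wpath cpath fattr sendfd"

struct veil { const char *path, *perms; };	/* hypothetical helper type */

/* Paths the main process still needs once the arguments are read. */
int
veil_plan(int filemode, const char *cachedir, const char *outputdir,
    struct veil plan[2])
{
	int n = 0;

	if (!filemode)	/* regular mode also writes the output files */
		plan[n++] = (struct veil){ outputdir, "rwc" };
	plan[n++] = (struct veil){ cachedir, filemode ? "r" : "rwc" };
	return n;
}

/* Unveil per mode, then re-pledge without "unveil" to close the window. */
int
lock_down(int filemode, const char *cachedir, const char *outputdir)
{
	struct veil plan[2];
	int n = veil_plan(filemode, cachedir, outputdir, plan);

#ifdef __OpenBSD__	/* pledge(2) and unveil(2) exist only on OpenBSD */
	if (pledge(PROMISES_SETUP, NULL) == -1)
		err(1, "pledge");
	for (int i = 0; i < n; i++)
		if (unveil(plan[i].path, plan[i].perms) == -1)
			err(1, "unveil %s", plan[i].path);
	if (pledge(PROMISES_FINAL, NULL) == -1)
		err(1, "pledge");
#endif
	return n;
}
```

On systems other than OpenBSD the block only computes the plan, so the rules can be checked without the system calls.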
