From aec6b5c35ac33736e6b94e1a613666fe19ebb2d4 Mon Sep 17 00:00:00 2001
From: Hiltjo Posthuma
Date: Fri, 1 Jan 2021 22:38:10 +0100
Subject: sfeed_gopher: tighten filesystem permissions on OpenBSD using unveil(2)
sfeed_gopher must be able to write in the current directory, but does not need write permissions outside it. It could read from any place in the filesystem (to read feed files). Prompted by a suggestion from vejetaryenvampir, thanks!
---
 sfeed_gopher.c | 13 +++++++++++--
 util.h | 1 +
 2 files changed, 12 insertions(+), 2 deletions(-)
diff --git a/sfeed_gopher.c b/sfeed_gopher.c
index 0d5b0c9..69b15f6 100644
--- a/sfeed_gopher.c
+++ b/sfeed_gopher.c
@@ -112,8 +112,17 @@ main(int argc, char *argv[])
 char *name, *p, path[PATH_MAX + 1];
 int i, r;
 
- if (pledge(argc == 1 ? "stdio" : "stdio rpath wpath cpath", NULL) == -1)
- err(1, "pledge");
+ if (argc == 1) {
+ if (pledge("stdio", NULL) == -1)
+ err(1, "pledge");
+ } else {
+ if (unveil("/", "r") == -1)
+ err(1, "unveil");
+ if (unveil(".", "rwc") == -1)
+ err(1, "unveil");
+ if (pledge("stdio rpath wpath cpath", NULL) == -1)
+ err(1, "pledge");
+ }
 
 if ((comparetime = time(NULL)) == -1)
 err(1, "time");
diff --git a/util.h b/util.h
index bdd5664..bc6e52f 100644
--- a/util.h
+++ b/util.h
@@ -6,6 +6,7 @@
 #include
 #else
 #define pledge(p1,p2) 0
+#define unveil(p1,p2) 0
 #endif
 
 #undef strlcat
-- 
cgit v1.2.3
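Review bot: `unveil("/", "r")` in the else branch of main() leaves the whole filesystem readable while `.` stays writable, so a bug in feed parsing could still copy any user-readable file into the output directory. If the only files opened for reading are the feed paths passed in argv (the rest of main is outside this hunk, so that needs confirming), the read grant can be narrowed to them: `for (i = 1; i < argc; i++) if (unveil(argv[i], "r") == -1) err(1, "unveil: %s", argv[i]);`. A one-line comment saying that the following pledge() omits the "unveil" promise, and so locks the unveil list, would document why there is no explicit `unveil(NULL, NULL)`. The two identical `err(1, "unveil")` messages would be easier to diagnose as `"unveil: /"` and `"unveil: ."`.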