openbsd/src
1
0
Fork 0
mirror of https://github.com/openbsd/src.git synced 2026-04-24 22:26:03 +00:00
Code Issues Projects Releases Wiki Activity

Instead of pledge "tmppath rpath", setup a "rwc" unveil on "/tmp", a

Browse Source 
"r" unveil on "/", and then pledge "rpath wpath cpath".
ok semarie and others
This commit is contained in:
deraadt
2026-02-18 15:25:01 +00:00
parent cd7feeec72
commit ad461ab28a
1 changed files with 6 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
usr.bin/diff/diff.c
View File

@@ -1,4 +1,4 @@
/* $OpenBSD: diff.c,v 1.68 2023/01/05 00:00:44 millert Exp $ */
/* $OpenBSD: diff.c,v 1.69 2026/02/18 15:25:01 deraadt Exp $ */
/*
* Copyright (c) 2003 Todd C. Miller <millert@openbsd.org>
@@ -211,7 +211,11 @@ main(int argc, char **argv)
argc -= optind;
argv += optind;
if (pledge("stdio rpath tmppath", NULL) == -1)
if (unveil("/tmp", "rwc") == -1)
err(2, "unveil /tmp");
if (unveil("/", "r") == -1)
err(2, "unveil /");
if (pledge("stdio rpath wpath cpath", NULL) == -1)
err(2, "pledge");
/*