stat() and access() become "rpath", this is safe because pledge_namei no longer

mirror of https://github.com/openbsd/src.git synced 2026-04-22 21:24:34 +00:00

has a special case for these two system calls. With this change pledge "stdio"
no longer lets user code reach namei().

ok deraadt

This commit is contained in:

dgl

2026-03-27 05:15:25 +00:00

parent 081c22237c

commit e75afad489

1 changed files with 3 additions and 3 deletions

									
										6

sys/kern/kern_pledge.c
									
												View File
												
				@@ -1,4 +1,4 @@

				/*	$OpenBSD: kern_pledge.c,v 1.355 2026/03/26 05:21:06 dgl Exp $	*/

				/*	$OpenBSD: kern_pledge.c,v 1.356 2026/03/27 05:15:25 dgl Exp $	*/

				/*

				 * Copyright (c) 2015 Nicholas Marriott <nicm@openbsd.org>

				@@ -243,8 +243,8 @@ const uint64_t pledge_syscalls[SYS_MAXSYSCALL] = {

					 */

					[SYS_open] = PLEDGE_RPATH | PLEDGE_WPATH,

					[SYS___pledge_open] = PLEDGE_STDIO,

					[SYS_stat] = PLEDGE_STDIO,

					[SYS_access] = PLEDGE_STDIO,

					[SYS_stat] = PLEDGE_RPATH,

					[SYS_access] = PLEDGE_RPATH,

					[SYS_readlink] = PLEDGE_RPATH,

					[SYS___realpath] = PLEDGE_RPATH,

stat() and access() become "rpath", this is safe because pledge_namei no longer

6 sys/kern/kern_pledge.c Unescape Escape View File

6

sys/kern/kern_pledge.c

View File