Re: [hackers] [quark] Fix unveil(2) usage || Laslo Hunhold

From: Hiltjo Posthuma <hiltjo_AT_codemadness.org>
Date: Fri, 20 Mar 2020 20:54:57 +0100

On Fri, Mar 20, 2020 at 08:39:10PM +0100, git_AT_suckless.org wrote:
> commit 5ee8c07e7e3e601fce49fbc2b170227924be3804
> Author: Laslo Hunhold <dev_AT_frign.de>
> AuthorDate: Fri Mar 20 20:35:34 2020 +0100
> Commit: Laslo Hunhold <dev_AT_frign.de>
> CommitDate: Fri Mar 20 20:35:34 2020 +0100
>
> Fix unveil(2) usage
>
> Thanks to the feedback by z0lqLA! I forgot that unveil(NULL, NULL)
> only locks further unveil calls when there has been at least _one_ prior
> call to unveil!
>
> To fix this, we reorder the calls and also make sure to call unveil()
> before we disallow unveils via pledge.
>
> Signed-off-by: Laslo Hunhold <dev_AT_frign.de>
>
> diff --git a/main.c b/main.c
> index c1ff489..eab952d 100644
> --- a/main.c
> +++ b/main.c
> _AT_@ -387,10 +387,13 @@ main(int argc, char *argv[])
> exit(0);
> default:
> /* limit ourselves even further while we are waiting */
> - eunveil(NULL, NULL);
> if (udsname) {
> + eunveil(udsname, "c");
> + eunveil(NULL, NULL);
> epledge("stdio cpath", NULL);
> } else {
> + eunveil("/", "");
> + eunveil(NULL, NULL);
> epledge("stdio", NULL);
> }
>
>

Hi,

The eunveil(NULL, NULL) lines are not needed here, because pledge is called
right after without the "unveil" promise (but it doesn't really matter except
saving 2 lines).

from the unveil(2) man page:

     "After establishing a collection of path and permissions rules, future
     calls to unveil() can be disabled by passing two NULL arguments.
     Alternatively, pledge(2) may be used to remove the "unveil" promise."

-- 
Kind regards,
Hiltjo
Received on Fri Mar 20 2020 - 20:54:57 CET

This archive was generated by hypermail 2.3.0 : Fri Mar 20 2020 - 21:00:36 CET