Ricardo Mestre (ser...@helheim.mooo.com) on 2020.06.18 23:40:54 +0100:
> Hi,
>
> Yes, this is a really broad permission to give but it's needed in order to read
> the config file (and those ones included from it) and also to exec the "check
> script(s)" which I missed in my last attempt to unveil(2) relayd(8).
>
> The reason it cannot be pledge(2)d is due to forbidden ioctl(2)s related to
> carp(4).
>
> This permits reading or execing anything from the filesystem but at least
> prevents create/write/delete files and regress tests still pass.
>
> Comments? OK?
ok benno@ > Index: relayd.c > =================================================================== > RCS file: /cvs/src/usr.sbin/relayd/relayd.c,v > retrieving revision 1.182 > diff -u -p -u -r1.182 relayd.c > --- relayd.c 15 Sep 2019 19:23:29 -0000 1.182 > +++ relayd.c 18 Jun 2020 22:19:50 -0000 > @@ -223,6 +223,11 @@ main(int argc, char *argv[]) > if (ps->ps_noaction == 0) > log_info("startup"); > > + if (unveil("/", "rx") == -1) > + err(1, "unveil"); > + if (unveil(NULL, NULL) == -1) > + err(1, "unveil"); > + > event_init(); > > signal_set(&ps->ps_evsigint, SIGINT, parent_sig_handler, ps); >
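Review bot: the failure path of the new unveil("/", "rx") / unveil(NULL, NULL) pair in main() uses err(1, "unveil") right after the code has already switched to log_info("startup"); if the parent has detached from its terminal by this point, err(3)'s message to stderr is lost, so fatal("unveil") would report the failure through the same logging channel as the preceding line. It is also worth confirming in review that the privsep children either have not been forked yet here or inherit the restriction (unveil restrictions survive fork and exec), since the hunk only shows the parent's main(). Note that "rx" on "/" withholds the "c" and "w" permissions, which is what keeps the whole-filesystem scope from permitting file creation, writes or deletion, matching the stated intent.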