Regarding previous commit, X_OK on unveil-permitted directories does
authorderaadt <deraadt@openbsd.org>
Sun, 1 Sep 2024 23:26:10 +0000 (23:26 +0000)
committerderaadt <deraadt@openbsd.org>
Sun, 1 Sep 2024 23:26:10 +0000 (23:26 +0000)
commit863eace7cb72308d10e170ee98f15d95f55235d0
treefb1df9efb51ab61f60fa296d80bac643736dbd18
parentc920a736d2c1ec1bc99322d5576ae084602f0870
Regarding previous commit, X_OK on unveil-permitted directories does
not map nicely to UNVEIL_EXEC.  But we don't know before calling
namei() if the path is a directory.  Oh well, stick to UNVEIL_READ
for that case, it is going to be good enough for the typical case.
Worked out with jeremy after chrome/firefox Downloads directory issue.
sys/kern/vfs_syscalls.c