restrict filesystem access with unveil(2).

this one opens the default table file "/usr/share/misc/usb_hid_usages" through
hid_start(3) from libusbhid, then `dev' (will be the fd used on the ioctls)
and finally `conf' which is the file with the actions to be monitored. `conf'
needs to be unveil(2)ed with read perms since usbhidaction(1) can run as daemon
and this file will be re-read if a SIGHUP is catched.

looks good deraadt@

diff --git a/usr.bin/usbhidaction/usbhidaction.c b/usr.bin/usbhidaction/usbhidaction.c
index 39d4357..d074651 100644 (file)
--- a/usr.bin/usbhidaction/usbhidaction.c
+++ b/usr.bin/usbhidaction/usbhidaction.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: usbhidaction.c,v 1.23 2019/06/28 13:35:05 deraadt Exp $ */
+/*     $OpenBSD: usbhidaction.c,v 1.24 2021/12/15 11:23:09 mestre Exp $ */
 /*      $NetBSD: usbhidaction.c,v 1.7 2002/01/18 14:38:59 augustss Exp $ */
 
 /*
@@ -164,6 +164,11 @@ main(int argc, char **argv)
                isdemon = 1;
        }
 
+       if (unveil(conf, "r") == -1)
+               err(1, "unveil %s", conf);
+       if (unveil(NULL, NULL) == -1)
+               err(1, "unveil");
+
        for(;;) {
                n = read(fd, buf, sz);
                if (verbose > 2) {