-/* $OpenBSD: command.c,v 1.15 2015/10/05 23:15:31 nicm Exp $ */
+/* $OpenBSD: command.c,v 1.16 2017/12/10 01:03:46 deraadt Exp $ */
/*
* Copyright (c) 2012 Nicholas Marriott <nicm@openbsd.org>
#include <signal.h>
#include <stdlib.h>
#include <stdio.h>
+#include <string.h>
#include <unistd.h>
#include "cu.h"
void
do_command(char c)
{
+ if (restricted && strchr("CRX$>", c) != NULL) {
+ cu_warnx("~%c command is not allowed in restricted mode", c);
+ return;
+ }
+
switch (c) {
case '.':
case '\004': /* ^D */
-.\" $OpenBSD: cu.1,v 1.15 2015/05/18 09:35:05 nicm Exp $
+.\" $OpenBSD: cu.1,v 1.16 2017/12/10 01:03:46 deraadt Exp $
.\"
.\" Copyright (c) 1980, 1990, 1993
.\" The Regents of the University of California. All rights reserved.
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
-.Dd $Mdocdate: May 18 2015 $
+.Dd $Mdocdate: December 10 2017 $
.Dt CU 1
.Os
.Sh NAME
.Nd serial terminal emulator
.Sh SYNOPSIS
.Nm
-.Op Fl d
+.Op Fl dr
.Op Fl l Ar line
.Op Fl s Ar speed | Fl Ar speed
.Nm
Specify that the line is directly connected and
.Nm
should not allow the driver to block waiting for a carrier to be detected.
+.It Fl r
+Starts
+.Nm
+in restricted mode.
+This prevents all local filesystem operations and command executions.
.It Fl l Ar line
Specify the line to use.
Either of the forms like
The command string sent to the local
.Ux
system is processed by the shell.
+This command is not allowed in restricted mode.
.It Ic ~#
Send a
.Dv BREAK
1 \*(Lt-\*(Gt remote tty out
2 \*(Lt-\*(Gt local tty stderr
.Ed
+.Pp
+This command is not allowed in restricted mode.
.It Ic ~D
Deassert the data terminal ready (DTR) line briefly.
+This command is not allowed in restricted mode.
.It Ic ~R
Record all output from the remote system to a file.
If the given file already exists, it is appended to.
If no file is specified, any existing recording is stopped.
+This command is not allowed in restricted mode.
.It Ic ~S
Change the speed of the connection.
.It Ic ~X
Send a file with the XMODEM protocol.
+This command is not allowed in restricted mode.
.It Ic ~?
Get a summary of the tilde escapes.
.El
-/* $OpenBSD: cu.c,v 1.25 2017/08/22 16:32:37 mestre Exp $ */
+/* $OpenBSD: cu.c,v 1.26 2017/12/10 01:03:46 deraadt Exp $ */
/*
* Copyright (c) 2012 Nicholas Marriott <nicm@openbsd.org>
struct bufferevent *input_ev;
struct bufferevent *output_ev;
int is_direct = -1;
+int restricted = 0;
const char *line_path = NULL;
int line_speed = -1;
int line_fd;
__dead void
usage(void)
{
- fprintf(stderr, "usage: %s [-d] [-l line] [-s speed | -speed]\n",
+ fprintf(stderr, "usage: %s [-dr] [-l line] [-s speed | -speed]\n",
__progname);
fprintf(stderr, " %s [host]\n", __progname);
exit(1);
errx(1, "speed asprintf");
}
- while ((opt = getopt(argc, argv, "dl:s:")) != -1) {
+ while ((opt = getopt(argc, argv, "drl:s:")) != -1) {
switch (opt) {
case 'd':
is_direct = 1;
break;
+ case 'r':
+ if (pledge("stdio rpath wpath tty", NULL) == -1)
+ err(1, "pledge");
+ restricted = 1;
+ break;
case 'l':
line_path = optarg;
break;
line_fd = open(line_path, flags);
if (line_fd < 0)
err(1, "open(\"%s\")", line_path);
+ if (restricted && pledge("stdio tty", NULL) == -1)
+ err(1, "pledge");
if (!isatty(line_fd))
err(1, "%s", line_path);
if (ioctl(line_fd, TIOCEXCL) != 0)
-/* $OpenBSD: cu.h,v 1.7 2015/10/05 23:15:31 nicm Exp $ */
+/* $OpenBSD: cu.h,v 1.8 2017/12/10 01:03:46 deraadt Exp $ */
/*
* Copyright (c) 2012 Nicholas Marriott <nicm@openbsd.org>
void do_command(char);
/* cu.c */
+extern int restricted;
extern FILE *record_file;
extern struct termios saved_tio;
extern int line_fd;
projects / openbsd / commitdiff