For opening up the bindings file in ypconnect(2), bail out early

if chrooted
issue pointed out by semarie

diff --git a/sys/kern/uipc_syscalls.c b/sys/kern/uipc_syscalls.c
index f51f077..946ba12 100644 (file)
--- a/sys/kern/uipc_syscalls.c
+++ b/sys/kern/uipc_syscalls.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: uipc_syscalls.c,v 1.197 2022/07/15 17:20:24 deraadt Exp $     */
+/*     $OpenBSD: uipc_syscalls.c,v 1.198 2022/07/18 03:02:05 deraadt Exp $     */
 /*     $NetBSD: uipc_syscalls.c,v 1.19 1996/02/09 19:00:48 christos Exp $      */
 
 /*
@@ -1342,6 +1342,8 @@ sys_ypconnect(struct proc *p, void *v, register_t *retval)
                return EAFNOSUPPORT;
        }
 
+       if (p->p_p->ps_flags & PS_CHROOT)
+               return EACCES;
        name = pool_get(&namei_pool, PR_WAITOK);
        snprintf(name, MAXPATHLEN, "/var/yp/binding/%s.2", domainname);
        NDINIT(&nid, 0, NOFOLLOW|LOCKLEAF|KERNELPATH, UIO_SYSSPACE, name, p);