way the process moves fd's.
-/* $OpenBSD: file.c,v 1.50 2015/10/05 06:23:34 deraadt Exp $ */
+/* $OpenBSD: file.c,v 1.51 2015/10/06 15:39:44 deraadt Exp $ */
/*
* Copyright (c) 2015 Nicholas Marriott <nicm@openbsd.org>
int i, idx;
size_t len, width = 0;
- if (tame("stdio cmsg getpw proc", NULL) == -1)
+ if (tame("stdio getpw proc recvfd", NULL) == -1)
err(1, "tame");
if (geteuid() == 0) {
err(1, "setresuid");
}
- if (tame("stdio cmsg", NULL) == -1)
+ if (tame("stdio recvfd", NULL) == -1)
err(1, "tame");
m = magic_load(magicfp, magicpath, cflag || Wflag);
-/* $OpenBSD: session.c,v 1.341 2015/10/05 16:16:41 deraadt Exp $ */
+/* $OpenBSD: session.c,v 1.342 2015/10/06 15:39:44 deraadt Exp $ */
/*
* Copyright (c) 2003, 2004, 2005 Henning Brauer <henning@openbsd.org>
setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid))
fatal("can't drop privileges");
- if (tame("stdio inet cmsg", NULL) == -1)
+ if (tame("stdio inet recvfd", NULL) == -1)
err(1, "tame");
signal(SIGTERM, session_sighdlr);
-/* $OpenBSD: privsep.c,v 1.36 2015/10/03 00:51:08 deraadt Exp $ */
+/* $OpenBSD: privsep.c,v 1.37 2015/10/06 15:39:44 deraadt Exp $ */
/*
* Copyright (c) 2003 Can Erkin Acar
case PRIV_INIT_DONE:
test_state(cmd, STATE_RUN);
impl_init_done(socks[0], &bpfd);
- if (tame("malloc cmsg inet ioctl dns rpath", NULL) == -1)
+ if (tame("stdio rpath inet unix ioctl dns recvfd", NULL) == -1)
err(1, "tame");
break;
case PRIV_GETHOSTBYADDR:
projects / openbsd / commitdiff