Finer grained pledge for at(1). After setegid(), do a three-way pledge:

author tb <tb@openbsd.org>

Thu, 15 Jun 2017 19:37:10 +0000 (19:37 +0000)

committer tb <tb@openbsd.org>

Thu, 15 Jun 2017 19:37:10 +0000 (19:37 +0000)
author tb <tb@openbsd.org>
Thu, 15 Jun 2017 19:37:10 +0000 (19:37 +0000)
committer tb <tb@openbsd.org>
Thu, 15 Jun 2017 19:37:10 +0000 (19:37 +0000)
diff --git a/usr.bin/at/at.c b/usr.bin/at/at.c

index 16a96a7..21936c1 100644 (file)
--- a/usr.bin/at/at.c
+++ b/usr.bin/at/at.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: at.c,v 1.80 2017/06/07 23:36:43 millert Exp $ */
+/*     $OpenBSD: at.c,v 1.81 2017/06/15 19:37:10 tb Exp $      */
  
  /*
   *  at.c : Put file into atrun queue
@@ -991,9 +991,26 @@ main(int argc, char **argv)
                         if (setegid(spool_gid) != 0)
                                 fatal("setegid(spool_gid)");
                 }
+
+               if (pledge("stdio rpath wpath cpath fattr getpw unix", NULL)
+                   == -1)
+                       fatal("pledge");
+               break;
+
+       case ATQ:
+       case CAT:
+               if (pledge("stdio rpath getpw", NULL) == -1)
+                       fatal("pledge");
+               break;
+
+       case ATRM:
+               if (pledge("stdio rpath cpath getpw unix", NULL) == -1)
+                       fatal("pledge");
                 break;
+
         default:
-               ;
+               fatalx("internal error");
+               break;
         }
  
         if ((pw = getpwuid(user_uid)) == NULL)
author	tb <tb@openbsd.org>
	Thu, 15 Jun 2017 19:37:10 +0000 (19:37 +0000)
committer	tb <tb@openbsd.org>
	Thu, 15 Jun 2017 19:37:10 +0000 (19:37 +0000)