artulab
projects / openbsd / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: e420f7b)
For pledge, sigsuspend() should is affecting the behaviour a process itself,
authorderaadt <deraadt@openbsd.org>
Sat, 10 Oct 2015 19:15:53 +0000 (19:15 +0000)
committerderaadt <deraadt@openbsd.org>
Sat, 10 Oct 2015 19:15:53 +0000 (19:15 +0000)
so we should allow it for 'self'.
ok djm

sys/kern/kern_pledge.c patch | blob | history

diff --git a/sys/kern/kern_pledge.c b/sys/kern/kern_pledge.c
index f6394c6..5ee44b4 100644 (file)
--- a/sys/kern/kern_pledge.c
+++ b/sys/kern/kern_pledge.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: kern_pledge.c,v 1.9 2015/10/10 16:35:08 deraadt Exp $ */
+/*     $OpenBSD: kern_pledge.c,v 1.10 2015/10/10 19:15:53 deraadt Exp $        */
 
 /*
  * Copyright (c) 2015 Nicholas Marriott <nicm@openbsd.org>
@@ -89,6 +89,7 @@ const u_int pledge_syscalls[SYS_MAXSYSCALL] = {
        [SYS_sendsyslog] = PLEDGE_SELF,
        [SYS_nanosleep] = PLEDGE_SELF,
        [SYS_sigprocmask] = PLEDGE_SELF,
+       [SYS_sigsuspend] = PLEDGE_SELF,
        [SYS_sigaction] = PLEDGE_SELF,
        [SYS_sigreturn] = PLEDGE_SELF,
        [SYS_sigpending] = PLEDGE_SELF,
@@ -138,7 +139,6 @@ const u_int pledge_syscalls[SYS_MAXSYSCALL] = {
        [SYS_vfork] = PLEDGE_PROC,
        [SYS_kill] = PLEDGE_SELF | PLEDGE_PROC, 
        [SYS_setpgid] = PLEDGE_PROC,
-       [SYS_sigsuspend] = PLEDGE_PROC,
        [SYS_setrlimit] = PLEDGE_PROC,
 
        [SYS_execve] = PLEDGE_EXEC,
OpenBSD src
by Ahmet Artu Yildirim