unveil maildir, utmp, /tmp, and /dev. For the vast number of people

author deraadt <deraadt@openbsd.org>

Mon, 24 Sep 2018 22:56:54 +0000 (22:56 +0000)

committer deraadt <deraadt@openbsd.org>

Mon, 24 Sep 2018 22:56:54 +0000 (22:56 +0000)
author deraadt <deraadt@openbsd.org>
Mon, 24 Sep 2018 22:56:54 +0000 (22:56 +0000)
committer deraadt <deraadt@openbsd.org>
Mon, 24 Sep 2018 22:56:54 +0000 (22:56 +0000)
diff --git a/libexec/comsat/comsat.c b/libexec/comsat/comsat.c

index df7283b..3a90d34 100644 (file)
--- a/libexec/comsat/comsat.c
+++ b/libexec/comsat/comsat.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: comsat.c,v 1.48 2017/04/03 17:23:39 tedu Exp $        */
+/*     $OpenBSD: comsat.c,v 1.49 2018/09/24 22:56:54 deraadt Exp $     */
  
  /*
   * Copyright (c) 1980, 1993
@@ -91,6 +91,14 @@ main(int argc, char *argv[])
                 exit(1);
         }
  
+       if (unveil(_PATH_MAILDIR, "r") == -1)
+               err(1, "unveil");
+       if (unveil(_PATH_UTMP, "r") == -1)
+               err(1, "unveil");
+       if (unveil("/tmp", "w") == -1)
+               err(1, "unveil");
+       if (unveil(_PATH_DEV, "rw") == -1)
+               err(1, "unveil");
         if (pledge("stdio rpath wpath proc tty", NULL) == -1)
                 err(1, "pledge");
author	deraadt <deraadt@openbsd.org>
	Mon, 24 Sep 2018 22:56:54 +0000 (22:56 +0000)
committer	deraadt <deraadt@openbsd.org>
	Mon, 24 Sep 2018 22:56:54 +0000 (22:56 +0000)