From: bluhm Date: Fri, 19 Jul 2024 15:28:51 +0000 (+0000) Subject: unveil(2) /etc/gettytab.db in getty(8) to avoid possible violation. X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=4538572b6b255b20e2c8d3fc8d9311d6473559cb;p=openbsd unveil(2) /etc/gettytab.db in getty(8) to avoid possible violation. OK deraadt@ --- diff --git a/libexec/getty/main.c b/libexec/getty/main.c index dac5ad3449b..74b3aa27779 100644 --- a/libexec/getty/main.c +++ b/libexec/getty/main.c @@ -1,4 +1,4 @@ -/* $OpenBSD: main.c,v 1.55 2024/04/28 16:42:53 florian Exp $ */ +/* $OpenBSD: main.c,v 1.56 2024/07/19 15:28:51 bluhm Exp $ */ /*- * Copyright (c) 1980, 1993 @@ -172,7 +172,8 @@ main(int argc, char *argv[]) tname = "default"; - if (unveil(_PATH_GETTYTAB, "r") == -1) { + if (unveil(_PATH_GETTYTAB, "r") == -1 || + unveil(_PATH_GETTYTAB ".db", "r") == -1) { syslog(LOG_ERR, "%s: %m", tname); exit(1); }