From: mestre <mestre@openbsd.org>
Date: Fri, 16 Jul 2021 14:34:37 +0000 (+0000)
Subject: /etc/ssl/cert.pem is loaded into mem with tls_load_file(3) on local function
X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=fd393c40f8d426790970685240ce5801f6461f8c;p=openbsd

/etc/ssl/cert.pem is loaded into mem with tls_load_file(3) on local function
priv_constraint_child() which is called before we reach pledge(2), therefore we
we don't need to unveil(2) that file nor having pledge("rpath") since it was
only required to read that same file.

OK kn@
---

diff --git a/usr.sbin/ntpd/ntpd.c b/usr.sbin/ntpd/ntpd.c
index 134073117cb..076f917e2f7 100644
--- a/usr.sbin/ntpd/ntpd.c
+++ b/usr.sbin/ntpd/ntpd.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: ntpd.c,v 1.130 2021/07/12 15:09:21 beck Exp $ */
+/*	$OpenBSD: ntpd.c,v 1.131 2021/07/16 14:34:37 mestre Exp $ */
 
 /*
  * Copyright (c) 2003, 2004 Henning Brauer <henning@openbsd.org>
@@ -283,11 +283,9 @@ main(int argc, char *argv[])
 	 * Constraint processes are forked with certificates in memory,
 	 * then privdrop into chroot before speaking to the outside world.
 	 */
-	if (unveil(tls_default_ca_cert_file(), "r") == -1)
-		err(1, "unveil %s", tls_default_ca_cert_file());
 	if (unveil("/usr/sbin/ntpd", "x") == -1)
 		err(1, "unveil /usr/sbin/ntpd");
-	if (pledge("stdio rpath inet settime proc exec id", NULL) == -1)
+	if (pledge("stdio inet settime proc exec id", NULL) == -1)
 		err(1, "pledge");
 
 	while (quit == 0) {