From 067bf70efe8d840cecf50542de8f47199c209f13 Mon Sep 17 00:00:00 2001 From: kn Date: Thu, 9 Nov 2023 18:54:15 +0000 Subject: [PATCH] Tighten pledge in List and Append mode: Drop "wpath cpath fattr dpath" in read-only: - cpio -i -t < test.tar - pax < test.tar - tar -t -f test.tar Drop "cpath fattr dpath" in read-write: - echo foo | cpio -o -A -H ustar -O test.tar - tar -r -f test.tar foo - pax -w -a -f test.tar foo Other modes remain unchanged and thus can create or modify files. Feedback OK millert --- bin/pax/ar_io.c | 15 +++++++++++---- bin/pax/pax.c | 33 ++++++++++++++++++++++++++------- 2 files changed, 37 insertions(+), 11 deletions(-) diff --git a/bin/pax/ar_io.c b/bin/pax/ar_io.c index ddbd36ee720..ab0ea929819 100644 --- a/bin/pax/ar_io.c +++ b/bin/pax/ar_io.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ar_io.c,v 1.63 2019/06/28 13:34:59 deraadt Exp $ */ +/* $OpenBSD: ar_io.c,v 1.64 2023/11/09 18:54:15 kn Exp $ */ /* $NetBSD: ar_io.c,v 1.5 1996/03/26 23:54:13 mrg Exp $ */ /*- @@ -1261,9 +1261,16 @@ ar_start_gzip(int fd, const char *path, int wr) close(fds[1]); if (pmode == 0 || (act != EXTRACT && act != COPY)) { - if (pledge("stdio rpath wpath cpath fattr dpath getpw proc tape", - NULL) == -1) - err(1, "pledge"); + if (act == LIST) { + if (pledge("stdio rpath getpw proc tape", + NULL) == -1) + err(1, "pledge"); + /* can not gzip while appending */ + } else { + if (pledge("stdio rpath wpath cpath fattr dpath getpw proc tape", + NULL) == -1) + err(1, "pledge"); + } } } else { if (wr) { diff --git a/bin/pax/pax.c b/bin/pax/pax.c index f86ba6d7ceb..1bdb6160bd5 100644 --- a/bin/pax/pax.c +++ b/bin/pax/pax.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pax.c,v 1.55 2023/10/15 09:49:57 kn Exp $ */ +/* $OpenBSD: pax.c,v 1.56 2023/11/09 18:54:15 kn Exp $ */ /* $NetBSD: pax.c,v 1.5 1996/03/26 23:54:20 mrg Exp $ */ /*- 
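Review bot: The `/* can not gzip while appending */` comment in the ar_start_gzip hunk sits inside the `if (act == LIST)` body, directly before `} else {`, so it reads as a remark on the LIST branch rather than as the reason the else branch keeps the full "wpath cpath fattr dpath" set. The enclosing condition `pmode == 0 || (act != EXTRACT && act != COPY)` also routes extraction with pmode == 0 into that else, so the comment would be clearer placed after the brace and naming what the branch covers: `} else {` followed by `/* extract with pmode == 0, or archive; can not gzip while appending */`. The same comment placement is used twice in the pax.c hunk of this commit. ar_start_gzip begins before this hunk and continues after it.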
@@ -273,13 +273,32 @@ main(int argc, char **argv) if (pmode == 0 || (act != EXTRACT && act != COPY)) { /* Copy mode, or no gzip -- don't need to fork/exec. */ if (gzip_program == NULL || act == COPY) { - if (pledge("stdio rpath wpath cpath fattr dpath getpw tape", - NULL) == -1) - err(1, "pledge"); + /* List mode -- don't need to write/create/modify files. */ + if (act == LIST) { + if (pledge("stdio rpath getpw tape", + NULL) == -1) + err(1, "pledge"); + /* Append mode -- don't need to create/modify files. */ + } else if (act == APPND) { + if (pledge("stdio rpath wpath getpw tape", + NULL) == -1) + err(1, "pledge"); + } else { + if (pledge("stdio rpath wpath cpath fattr dpath getpw tape", + NULL) == -1) + err(1, "pledge"); + } } else { - if (pledge("stdio rpath wpath cpath fattr dpath getpw proc exec tape", - NULL) == -1) - err(1, "pledge"); + if (act == LIST) { + if (pledge("stdio rpath getpw proc exec tape", + NULL) == -1) + err(1, "pledge"); + /* can not gzip while appending */ + } else { + if (pledge("stdio rpath wpath cpath fattr dpath getpw proc exec tape", + NULL) == -1) + err(1, "pledge"); + } } } -- 2.20.1
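Review bot: The new code in main repeats the `if (pledge(..., NULL) == -1) err(1, "pledge");` sequence six times, once per branch, with only the promise string differing, and the branch comments (`/* Append mode -- don't need to create/modify files. */`, `/* can not gzip while appending */`) end up inside the preceding branch's body just before `} else`. Selecting the promise string in the branches and calling pledge once keeps the LIST/APPND/default distinction readable as a table and gives each comment a line next to the case it describes, while leaving every promise string byte-identical. The same duplication and comment placement appear in the ar_io.c hunk of this commit. Because the enclosing condition is `pmode == 0 || ...`, the default string is presumably also what extraction with pmode == 0 receives, which the rewrite below preserves; main starts before this hunk and continues after it.
```c
	if (pmode == 0 || (act != EXTRACT && act != COPY)) {
		const char *promises;

		/* Copy mode, or no gzip -- don't need to fork/exec. */
		if (gzip_program == NULL || act == COPY) {
			if (act == LIST)
				/* List mode -- don't need to write/create/modify files. */
				promises = "stdio rpath getpw tape";
			else if (act == APPND)
				/* Append mode -- don't need to create/modify files. */
				promises = "stdio rpath wpath getpw tape";
			else
				promises = "stdio rpath wpath cpath fattr dpath getpw tape";
		} else {
			if (act == LIST)
				promises = "stdio rpath getpw proc exec tape";
			else
				/* can not gzip while appending */
				promises = "stdio rpath wpath cpath fattr dpath getpw proc exec tape";
		}
		if (pledge(promises, NULL) == -1)
			err(1, "pledge");
	}
```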