From 12dbdd4638bfb1e0a020777b160c1ddfe5009180 Mon Sep 17 00:00:00 2001 From: mestre Date: Mon, 21 Feb 2022 19:49:46 +0000 Subject: [PATCH] unveil(2) "/dev" read-only instead of using chroot(2)/chdir(2). after calling the latter the program then also calls stat(2) and therefore it never actually worked correctly since they were added almost 20 years now. while here remove an implementation detail from the manpage which covered the chroot part. pointed out by and ok deraadt@ --- libexec/rpc.rusersd/rpc.rusersd.8 | 16 +++------------- libexec/rpc.rusersd/rusersd.c | 8 ++++---- 2 files changed, 7 insertions(+), 17 deletions(-) diff --git a/libexec/rpc.rusersd/rpc.rusersd.8 b/libexec/rpc.rusersd/rpc.rusersd.8 index 541278a40f2..4f1e6b120c0 100644 --- a/libexec/rpc.rusersd/rpc.rusersd.8 +++ b/libexec/rpc.rusersd/rpc.rusersd.8 @@ -1,4 +1,4 @@ -.\" $OpenBSD: rpc.rusersd.8,v 1.8 2015/12/01 20:27:06 tim Exp $ +.\" $OpenBSD: rpc.rusersd.8,v 1.9 2022/02/21 19:49:46 mestre Exp $ .\" .\" Copyright (c) 1985, 1991 The Regents of the University of California. .\" All rights reserved. @@ -27,9 +27,9 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $Id: rpc.rusersd.8,v 1.8 2015/12/01 20:27:06 tim Exp $ +.\" $Id: rpc.rusersd.8,v 1.9 2022/02/21 19:49:46 mestre Exp $ .\" -.Dd $Mdocdate: December 1 2015 $ +.Dd $Mdocdate: February 21 2022 $ .Dt RPC.RUSERSD 8 .Os .Sh NAME @@ -41,16 +41,6 @@ .Nm rpc.rusersd is a server which returns information about users currently logged in to the system. -At startup, -.Nm -opens -.Pa /var/run/utmp -and subsequently performs a -.Xr chroot 2 -to -.Pa /var/empty -and switches to user -.Va _rusersd . .Pp The currently logged in users are queried using the .Xr rusers 1 diff --git a/libexec/rpc.rusersd/rusersd.c b/libexec/rpc.rusersd/rusersd.c index 6b28bb5c581..9b4eff0a8a1 100644 --- a/libexec/rpc.rusersd/rusersd.c +++ b/libexec/rpc.rusersd/rusersd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rusersd.c,v 1.21 2019/06/28 13:32:53 deraadt Exp $ */ +/* $OpenBSD: rusersd.c,v 1.22 2022/02/21 19:49:46 mestre Exp $ */ /*- * Copyright (c) 1993 John Brezak @@ -80,11 +80,11 @@ main(int argc, char *argv[]) syslog(LOG_ERR, "no such user _rusersd"); exit(1); } - if (chroot("/var/empty") == -1) { - syslog(LOG_ERR, "cannot chdir to /var/empty."); + + if (unveil("/dev", "r") == -1) { + syslog(LOG_ERR, "unveil /dev"); exit(1); } - chdir("/"); setgroups(1, &pw->pw_gid); setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid); -- 2.20.1