From 1f2ac5f252e9a4dffb05e60fdbaf4382f35bb518 Mon Sep 17 00:00:00 2001 From: semarie Date: Thu, 7 Jul 2016 09:26:25 +0000 Subject: [PATCH] biff, mesg, vi: only consider ACCESSPERMS for setting tty mode. it explicitly removes any S_ISUID|S_ISGID|S_ISTXT bits, instead of letting pledge(2) silenciously remove them. ok beck@ deraadt@ --- usr.bin/biff/biff.c | 4 +++- usr.bin/mesg/mesg.c | 4 +++- usr.bin/vi/cl/cl_term.c | 3 ++- 3 files changed, 8 insertions(+), 3 deletions(-) diff --git a/usr.bin/biff/biff.c b/usr.bin/biff/biff.c index 382124ab2ce..0cf7fd5d66c 100644 --- a/usr.bin/biff/biff.c +++ b/usr.bin/biff/biff.c @@ -1,4 +1,4 @@ -/* $OpenBSD: biff.c,v 1.14 2015/12/29 19:04:46 gsoares Exp $ */ +/* $OpenBSD: biff.c,v 1.15 2016/07/07 09:26:25 semarie Exp $ */ /* $NetBSD: biff.c,v 1.3 1995/03/26 02:34:22 glass Exp $ */ /* @@ -67,6 +67,8 @@ main(int argc, char *argv[]) if (stat(name, &sb)) err(2, "stat"); + sb.st_mode &= ACCESSPERMS; + if (*argv == NULL) { (void)printf("is %s\n", sb.st_mode & S_IXUSR ? "y" : "n"); exit(sb.st_mode & S_IXUSR ? 0 : 1); diff --git a/usr.bin/mesg/mesg.c b/usr.bin/mesg/mesg.c index 1d1265e4bd1..e7e960094e9 100644 --- a/usr.bin/mesg/mesg.c +++ b/usr.bin/mesg/mesg.c @@ -1,4 +1,4 @@ -/* $OpenBSD: mesg.c,v 1.11 2016/01/25 21:59:36 gsoares Exp $ */ +/* $OpenBSD: mesg.c,v 1.12 2016/07/07 09:26:26 semarie Exp $ */ /* $NetBSD: mesg.c,v 1.4 1994/12/23 07:16:32 jtc Exp $ */ /* @@ -69,6 +69,8 @@ main(int argc, char *argv[]) if (stat(tty, &sb) < 0) err(2, "%s", tty); + sb.st_mode &= ACCESSPERMS; + if (*argv == NULL) { if (sb.st_mode & S_IWGRP) { (void)fprintf(stderr, "is y\n"); diff --git a/usr.bin/vi/cl/cl_term.c b/usr.bin/vi/cl/cl_term.c index 7e0c7971b1d..da68685ce1c 100644 --- a/usr.bin/vi/cl/cl_term.c +++ b/usr.bin/vi/cl/cl_term.c @@ -1,4 +1,4 @@ -/* $OpenBSD: cl_term.c,v 1.25 2016/05/27 09:18:11 martijn Exp $ */ +/* $OpenBSD: cl_term.c,v 1.26 2016/07/07 09:26:26 semarie Exp $ */ /*- * Copyright (c) 1993, 1994 @@ -266,6 +266,7 @@ cl_omesg(SCR *sp, CL_PRIVATE *clp, int on) msgq(sp, M_SYSERR, "%s", tty); return (1); } + sb.st_mode &= ACCESSPERMS; /* Save the original status if it's unknown. */ if (clp->tgw == TGW_UNKNOWN) -- 2.20.1