From 23bc116ea67fb0007aa9ae03f6f78b38ab005d8d Mon Sep 17 00:00:00 2001 From: mestre Date: Sat, 11 Aug 2018 11:01:37 +0000 Subject: [PATCH] the only fs access kdump(1) needs is to the tracefile which by default is ktrace.out unless argument -f is used. We can just unveil(2) that file with read permissions before the pledge(2) call. OK deraadt@ --- usr.bin/kdump/kdump.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/usr.bin/kdump/kdump.c b/usr.bin/kdump/kdump.c index b80f7450685..fdaea84b2bb 100644 --- a/usr.bin/kdump/kdump.c +++ b/usr.bin/kdump/kdump.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kdump.c,v 1.133 2017/11/28 15:35:02 guenther Exp $ */ +/* $OpenBSD: kdump.c,v 1.134 2018/08/11 11:01:37 mestre Exp $ */ /*- * Copyright (c) 1988, 1993 @@ -208,6 +208,8 @@ main(int argc, char *argv[]) if (argc > optind) usage(); + if (unveil(tracefile, "r") == -1) + err(1, "unveil"); if (pledge("stdio rpath getpw", NULL) == -1) err(1, "pledge"); -- 2.20.1