From 8d69996f0cfd994d25340538cec24a67d15856f7 Mon Sep 17 00:00:00 2001
From: deraadt
Date: Fri, 3 Aug 2018 06:57:34 +0000
Subject: [PATCH] pledge() a little later, after getopt operation, when we know tty name. We can then unveil the tty file, and pledge() as before. No other files are accessed after that point in time.
---
 usr.bin/mesg/mesg.c | 11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)

diff --git a/usr.bin/mesg/mesg.c b/usr.bin/mesg/mesg.c
index e7e960094e9..a2dc944ed5c 100644
--- a/usr.bin/mesg/mesg.c
+++ b/usr.bin/mesg/mesg.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: mesg.c,v 1.12 2016/07/07 09:26:26 semarie Exp $ */
+/* $OpenBSD: mesg.c,v 1.13 2018/08/03 06:57:34 deraadt Exp $ */
 /* $NetBSD: mesg.c,v 1.4 1994/12/23 07:16:32 jtc Exp $ */
 
 /*
@@ -52,9 +52,6 @@ main(int argc, char *argv[])
 char *tty;
 int ch;
 
- if (pledge("stdio rpath fattr", NULL) == -1)
- err(2, "pledge");
-
 while ((ch = getopt(argc, argv, "")) != -1)
 switch (ch) {
 case '?':
@@ -66,6 +63,12 @@ main(int argc, char *argv[])
 
 if ((tty = ttyname(STDERR_FILENO)) == NULL)
 err(2, "ttyname");
+
+ if (unveil(tty, "rw") == -1)
+ err(1, "unveil");
+ if (pledge("stdio rpath fattr", NULL) == -1)
+ err(1, "unveil");
+
 if (stat(tty, &sb) < 0)
 err(2, "%s", tty);
 
-- 
2.20.1
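Review bot: In the third hunk the failure branch of the re-added `pledge()` call reports `err(1, "unveil")`, so a pledge failure would be logged under the wrong name; it should read `err(2, "pledge");`, as the removed check did. Both new checks also exit with status 1, while the removed pledge check and the neighbouring `ttyname` and `stat` checks exit with 2. If callers read mesg's exit status as the current message setting (presumably 1 means "messages off"; confirm against the man page), a sandbox setup failure would look like a normal answer, so `err(2, "unveil");` is the safer choice. main's body starts and ends outside the hunk.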