From aca648249d0998fa3c67a9463ebb4c02ca8d4c31 Mon Sep 17 00:00:00 2001 From: deraadt Date: Thu, 3 Jun 2021 13:38:18 +0000 Subject: [PATCH] (man page also) secure_path(3) hasn't been called since we recognized the TOCTOU issues a few years back, so we can remove it. Since nothing in the ecosystem calls it, I am not cranking the libc major as required, surely another crank will come along soon. noticed by Dante Catalfamo ok millert --- lib/libc/gen/login_cap.3 | 14 ++------------ 1 file changed, 2 insertions(+), 12 deletions(-) diff --git a/lib/libc/gen/login_cap.3 b/lib/libc/gen/login_cap.3 index 457e4b7ec84..892a9db8967 100644 --- a/lib/libc/gen/login_cap.3 +++ b/lib/libc/gen/login_cap.3 @@ -29,10 +29,10 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $OpenBSD: login_cap.3,v 1.17 2015/11/10 23:48:18 jmc Exp $ +.\" $OpenBSD: login_cap.3,v 1.18 2021/06/03 13:38:18 deraadt Exp $ .\" BSDI $From: login_cap.3,v 1.4 1997/11/07 16:22:27 jch Exp $ .\" -.Dd $Mdocdate: November 10 2015 $ +.Dd $Mdocdate: June 3 2021 $ .Dt LOGIN_GETCLASS 3 .Os .Sh NAME @@ -44,7 +44,6 @@ .Nm login_getcapstr , .Nm login_getcaptime , .Nm login_close , -.Nm secure_path , .Nm setclasscontext , .Nm setusercontext .Nd query login.conf database about a user class @@ -68,8 +67,6 @@ .Ft void .Fn login_close "login_cap_t *lc" .Ft int -.Fn secure_path "char *path" -.Ft int .Fn setclasscontext "char *class" "unsigned int flags" .Ft int .Fn setusercontext "login_cap_t *lc" "struct passwd *pwd" "uid_t uid" "unsigned int flags" @@ -174,13 +171,6 @@ with no value, was found, zero otherwise. .Pp The -.Fn secure_path -function takes a path name and returns 0 if the path name is secure, \-1 -if not. -To be secure a path must exist, be a regular file (and not a directory), -owned by root, and only writable by the owner (root). -.Pp -The .Fn setclasscontext function takes .Ar class , -- 2.20.1