From b850d4846b8f4f2c3631347456e2976c1610d163 Mon Sep 17 00:00:00 2001
From: deraadt <deraadt@openbsd.org>
Date: Tue, 6 Oct 2015 14:38:23 +0000
Subject: [PATCH] oops, namei was never allowing through valid CPATH operations

---
 sys/kern/kern_tame.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/sys/kern/kern_tame.c b/sys/kern/kern_tame.c
index 75eb3cf77ce..5d0370dad3b 100644
--- a/sys/kern/kern_tame.c
+++ b/sys/kern/kern_tame.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: kern_tame.c,v 1.59 2015/10/06 14:02:49 deraadt Exp $	*/
+/*	$OpenBSD: kern_tame.c,v 1.60 2015/10/06 14:38:23 deraadt Exp $	*/
 
 /*
  * Copyright (c) 2015 Nicholas Marriott <nicm@openbsd.org>
@@ -650,9 +650,10 @@ tame_namei(struct proc *p, char *origpath)
 
 	if (p->p_p->ps_tame & TAME_RPATH)
 		return (0);
-
 	if (p->p_p->ps_tame & TAME_WPATH)
 		return (0);
+	if (p->p_p->ps_tame & TAME_CPATH)
+		return (0);
 
 	return (tame_fail(p, EPERM, TAME_RPATH));
 }
-- 
2.20.1