From bf3450a9cfcd43400ed9ded8f001b182d471a264 Mon Sep 17 00:00:00 2001 From: mestre Date: Sat, 4 Aug 2018 11:07:14 +0000 Subject: [PATCH] Revert back previous commit, we have decided that socket files don't cause any harm if not deleted after the daemon is shutdown and at the same time we also tackle another attack surface by not allowing the program to create/delete any more files (by removing "cpath" promise from pledge(2)). Discussion initiated by a question from deraadt@ OK florian@ --- usr.sbin/ntpd/control.c | 9 +-------- usr.sbin/ntpd/ntpd.c | 5 ++--- usr.sbin/ntpd/ntpd.h | 3 +-- 3 files changed, 4 insertions(+), 13 deletions(-) diff --git a/usr.sbin/ntpd/control.c b/usr.sbin/ntpd/control.c index e726b8e574f..aa3b789768c 100644 --- a/usr.sbin/ntpd/control.c +++ b/usr.sbin/ntpd/control.c @@ -1,4 +1,4 @@ -/* $OpenBSD: control.c,v 1.12 2017/01/09 14:04:31 krw Exp $ */ +/* $OpenBSD: control.c,v 1.13 2018/08/04 11:07:14 mestre Exp $ */ /* * Copyright (c) 2003, 2004 Henning Brauer @@ -99,13 +99,6 @@ control_shutdown(int fd) close(fd); } -void -control_cleanup(const char *path) -{ - if (path) - unlink(path); -} - int control_accept(int listenfd) { diff --git a/usr.sbin/ntpd/ntpd.c b/usr.sbin/ntpd/ntpd.c index aba1322392b..664fff4b2b6 100644 --- a/usr.sbin/ntpd/ntpd.c +++ b/usr.sbin/ntpd/ntpd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ntpd.c,v 1.114 2018/08/02 13:05:34 mestre Exp $ */ +/* $OpenBSD: ntpd.c,v 1.115 2018/08/04 11:07:14 mestre Exp $ */ /* * Copyright (c) 2003, 2004 Henning Brauer @@ -244,7 +244,7 @@ main(int argc, char *argv[]) * Constraint processes are forked with certificates in memory, * then privdrop into chroot before speaking to the outside world. */ - if (pledge("stdio rpath cpath inet settime proc exec id", NULL) == -1) + if (pledge("stdio rpath inet settime proc exec id", NULL) == -1) err(1, "pledge"); while (quit == 0) { @@ -327,7 +327,6 @@ main(int argc, char *argv[]) msgbuf_clear(&ibuf->w); free(ibuf); - control_cleanup(CTLSOCKET); log_info("Terminating"); return (0); } diff --git a/usr.sbin/ntpd/ntpd.h b/usr.sbin/ntpd/ntpd.h index 30ef206b472..deaf2a9afa5 100644 --- a/usr.sbin/ntpd/ntpd.h +++ b/usr.sbin/ntpd/ntpd.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ntpd.h,v 1.135 2017/05/30 23:30:48 benno Exp $ */ +/* $OpenBSD: ntpd.h,v 1.136 2018/08/04 11:07:14 mestre Exp $ */ /* * Copyright (c) 2003, 2004 Henning Brauer @@ -397,7 +397,6 @@ void ntp_dns(struct ntpd_conf *, struct passwd *); int control_init(char *); int control_listen(int); void control_shutdown(int); -void control_cleanup(const char *); int control_accept(int); struct ctl_conn *control_connbyfd(int); int control_close(int); -- 2.20.1