From d2f658a972cf4ff38f61aa9d796b3cb471034bb1 Mon Sep 17 00:00:00 2001 From: deraadt Date: Tue, 6 Oct 2015 03:25:02 +0000 Subject: [PATCH] unfortunately tame "stdio" can only happen well after the sequence of: utmp parsing, tty opening, setresgid to drop privs. it only protects a basic io loop. discussed with doug --- usr.bin/write/write.c | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/usr.bin/write/write.c b/usr.bin/write/write.c index 1f7f10a2474..d239d27482c 100644 --- a/usr.bin/write/write.c +++ b/usr.bin/write/write.c @@ -1,4 +1,4 @@ -/* $OpenBSD: write.c,v 1.29 2015/10/05 07:09:46 deraadt Exp $ */ +/* $OpenBSD: write.c,v 1.30 2015/10/06 03:25:02 deraadt Exp $ */ /* $NetBSD: write.c,v 1.5 1995/08/31 21:48:32 jtc Exp $ */ /* @@ -246,6 +246,13 @@ do_write(char *tty, char *mytty, uid_t myuid) if (setresgid(gid, gid, gid) == -1) err(1, "setresgid"); + /* + * Unfortunately this is rather late - well after utmp + * parsing, then pinned by the tty open and setresgid + */ + if (tame("stdio", NULL) == -1) + err(1, "tame"); + (void)signal(SIGINT, done); (void)signal(SIGHUP, done); -- 2.20.1