From f64986d92281587a22b8b2a35cdd854d25197474 Mon Sep 17 00:00:00 2001 From: deraadt Date: Fri, 9 Oct 2015 17:18:20 +0000 Subject: [PATCH] Have not come up with a great pattern for flock() yet. flock() is permitted by "getpw" because libc getpw*/getgr* use open() of /var/run/ypbind.lock plus flock() to detect YP running. The kernel observes this dance to "open up" the YP door (ugliness should drive us to rewrite this mechanism from SunOS later). however, flock is also used independently. Current users are htpasswd mail skeyinit tmux authpf pwd_mkdb ldapd smtpd ypbind login_token mail.local lockspool Let's enable flock() for "cpath", and see if that helps these programs, otherwise we'll try "wpath" next. --- sys/kern/kern_pledge.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/sys/kern/kern_pledge.c b/sys/kern/kern_pledge.c index bf11c1962dc..ed5fbf7eccc 100644 --- a/sys/kern/kern_pledge.c +++ b/sys/kern/kern_pledge.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kern_pledge.c,v 1.4 2015/10/09 05:30:03 deraadt Exp $ */ +/* $OpenBSD: kern_pledge.c,v 1.5 2015/10/09 17:18:20 deraadt Exp $ */ /* * Copyright (c) 2015 Nicholas Marriott @@ -217,7 +217,8 @@ const u_int pledge_syscalls[SYS_MAXSYSCALL] = { [SYS_setsockopt] = PLEDGE_INET | PLEDGE_UNIX, [SYS_getsockopt] = PLEDGE_INET | PLEDGE_UNIX, - [SYS_flock] = PLEDGE_GETPW, + /* XXX getpw for the ypbind.lock; all other flock users have cpath */ + [SYS_flock] = PLEDGE_GETPW | PLEDGE_CPATH, }; static const struct { -- 2.20.1