On 09/03/2017 23:35, Joe Holden wrote:
On 09/03/2017 23:02, Joe Holden wrote:
Hi,
So - it seems that pledge will deny a change of rtable to 0 when using
level SOL_SOCKET and the current rtable is >0, so eg if you're in table
1 and you do ping -V0 it will fail.
Can anyone shed any light on why this is restricted? Especially since
the same can be achieved with route -T0 exec
Thanks!
Actually, just realised why it doesn't work - it drops privs before
setting rtable, nevermind.
Something like:
Index: sbin/ping/ping.c
===================================================================
RCS file: /cvs/src/sbin/ping/ping.c,v
retrieving revision 1.218
diff -u -p -r1.218 ping.c
--- sbin/ping/ping.c 22 Feb 2017 13:43:35 -0000 1.218
+++ sbin/ping/ping.c 16 Mar 2017 19:58:28 -0000
@@ -283,10 +283,6 @@ main(int argc, char *argv[])
uid = getuid();
gid = getgid();
}
- if (setgroups(1, &gid) ||
- setresgid(gid, gid, gid) ||
- setresuid(uid, uid, uid))
- err(1, "unable to revoke privs");
preload = 0;
datap = &outpack[ECHOLEN + ECHOTMLEN];
@@ -427,6 +423,11 @@ main(int argc, char *argv[])
usage();
}
}
+
+ if (setgroups(1, &gid) ||
+ setresgid(gid, gid, gid) ||
+ setresuid(uid, uid, uid))
+ err(1, "unable to revoke privs");
argc -= optind;
argv += optind;
perhaps, but haven't closely looked if there is any scope for escalation
or anything during option parsing
