CVSROOT: /cvs
Module name: src
Changes by: mes...@cvs.openbsd.org 2018/09/28 12:21:52
Modified files:
usr.bin/sdiff : sdiff.c
Log message:
Add unveil(2) to sdiff(1) to the following files:
filename1 - given via args - read permission
filename2 - same as above
tmpdir - if TMPDIR env var is changed, or _PATH_TMP by default -
read/write/create/delete permissions
/usr/bin/diff - the default diff program - execute permission
_PATH_BSHELL - to spawn an EDITOR/VISUAL if -o is used - execute
permission
this diff only applies unveil(2) if -F is not used, meaning that we are not
changing the default diff program to be used since that way we would need to
find where the binary is whereas by default we are sure that the path is
/usr/bin/diff. this will be revisited at a later stage to cover all cases.
feedback and OK millert@ deraadt@
