CVSROOT: /cvs Module name: src Changes by: mes...@cvs.openbsd.org 2021/12/15 04:23:09
Modified files: usr.bin/usbhidaction: usbhidaction.c Log message: restrict filesystem access with unveil(2). this one opens the default table file "/usr/share/misc/usb_hid_usages" through hid_start(3) from libusbhid, then `dev' (will be the fd used on the ioctls) and finally `conf' which is the file with the actions to be monitored. `conf' needs to be unveil(2)ed with read perms since usbhidaction(1) can run as daemon and this file will be re-read if a SIGHUP is catched. looks good deraadt@