CVSROOT: /cvs
Module name: src
Changes by: sema...@cvs.openbsd.org 2015/10/26 01:44:43
Modified files:
sys/kern : kern_pledge.c
Log message:
change some pledge_fail() error/code
- for PLEDGE_FATTR: the code is more accurate to be PLEDGE_FATTR, has
p->p_pledgenote could have multiple bits inside, and it is the lake of
PLEDGE_FATTR that make the check fail.
- for PLEDGE_RECVFD and PLEDGE_SENDFD, change the error to be EINVAL: we fail,
not because of lake of PLEDGE_RECVFD / PLEDGE_SENDFD permission, but because
the value passed is invalid in pledged program (for example trying to send a
VDIR).
"go ahead" deraadt@
