CVSROOT: /cvs
Module name: src
Changes by: b...@cvs.openbsd.org 2016/04/28 08:25:08
Modified files:
sys/kern : kern_pledge.c vfs_lookup.c
sys/sys : namei.h pledge.h
Log message:
1) Split pledge whitelist path handling out of pledge_namei() and into
pledge_namei_wlpath(). Call the wlpath check only at the end of namei
after the namei lookup would otherwise succeed.
2) Add support to namei to keep the path that was looked up, without the
symlinks in it, and use that path for whitelist path lookups. This
means that paths in pledge whitelists will need to always be the
real path to an intended file to whitelist, without symlinks. Any
symlinks to the "real" file will then be allowed
ok deraadt@ semarie@
