On Sun, Oct 04, 2015 at 01:33:12AM +0200, Mike Burns wrote:
> - Use stdio instead of rw because of mprotect(2) in atexit.
> - Pass the path to the file that can be opened.
with "rpath" request, you can already open the file you want. The `path'
argument of tame(2) is used to *restrict* the files you can access with
"rpath" (or other path related requests).
> - Switch to return instead of exit(3) in the nearby code.
it is a nop. calling return(1) from main() is near the same from calling
exit(1) (at least for this case): mprotect() will be called by atexit()
code.
> I suspect that the paths argument is unused or not yet ready, but I
> include in here regardless merely so that I can ask about it.
it could be used and is functional. if you have a specific problem,
please report it.
> There is one line of code between the initial tame(2) and the
> re-tame(2) -- this program has a tiny initialization, essentially. It
> reads oddly but again: included so that I can ask about it.
>
>
> Index: nologin.c
> ===================================================================
> RCS file: /cvs/src/sbin/nologin/nologin.c,v
> retrieving revision 1.5
> diff -u -p -r1.5 nologin.c
> --- nologin.c 10 Jul 2003 00:00:58 -0000 1.5
> +++ nologin.c 3 Oct 2015 23:26:44 -0000
> @@ -43,16 +43,24 @@ int main(int argc, char *argv[])
> int nfd;
> ssize_t nrd;
> char nbuf[BUFSIZ];
> + const char *paths[] = { _PATH_NOLOGIN_TXT };
the paths array should be NULL terminated:
const char *paths[] = { _PATH_NOLOGIN_TXT, NULL };
> +
> + if (tame("stdio rpath", paths) == -1)
> + perror("tame");
>
> nfd = open(_PATH_NOLOGIN_TXT, O_RDONLY);
> +
> + if (tame("stdio", NULL) == -1)
> + perror("tame");
> +
> if (nfd < 0) {
> write(STDOUT_FILENO, DEFAULT_MESG, strlen(DEFAULT_MESG));
> - exit (1);
> + return 1;
> }
>
> while ((nrd = read(nfd, nbuf, sizeof(nbuf))) != -1 && nrd != 0)
> write(STDOUT_FILENO, nbuf, nrd);
> close (nfd);
>
> - exit (1);
> + return 1;
> }
>
--
Sebastien Marie
