Jeremie Courreges-Anglas(j...@wxcvbn.org) on 2017.07.22 21:40:53 +0200: > > If you destroy the interface pflogd(8) listens on, you get killed > because socket(2) is denied by the current pledge(2) restrictions: > > pflogd(15868): syscall 97 "inet" > > The ioctl(SIOCGIFDATA) call would be fatal too. > > The diff below just uses if_nametoindex(3), which is always allowed. > The if_exists() function is then so simple that it could be deleted. > > # ./obj/pflogd -s 160 -D -i pflog1 > [priv]: msg PRIV_OPEN_LOG received > interface pflog1 went away > Exiting > > Opinions / ok?
ok > Index: pflogd.c > =================================================================== > RCS file: /d/cvs/src/sbin/pflogd/pflogd.c,v > retrieving revision 1.53 > diff -u -p -p -u -r1.53 pflogd.c > --- pflogd.c 16 Jan 2016 03:17:48 -0000 1.53 > +++ pflogd.c 22 Jul 2017 19:28:21 -0000 > @@ -194,23 +194,7 @@ set_pcap_filter(void) > int > if_exists(char *ifname) > { > - int s, ret = 1; > - struct ifreq ifr; > - struct if_data ifrdat; > - > - if ((s = socket(AF_INET, SOCK_DGRAM, 0)) == -1) > - err(1, "socket"); > - bzero(&ifr, sizeof(ifr)); > - if (strlcpy(ifr.ifr_name, ifname, sizeof(ifr.ifr_name)) >= > - sizeof(ifr.ifr_name)) > - errx(1, "main ifr_name: strlcpy"); > - ifr.ifr_data = (caddr_t)&ifrdat; > - if (ioctl(s, SIOCGIFDATA, (caddr_t)&ifr) == -1) > - ret = 0; > - if (close(s)) > - err(1, "close"); > - > - return (ret); > + return (if_nametoindex(ifname) != 0); > } > > int > > -- > jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE >