Hi,

Yes, this is a really broad permission to give, but it's needed in order to read
the config file (and those included from it) and also to exec the "check
script(s)", which I missed in my last attempt to unveil(2) relayd(8).

The reason it cannot be pledge(2)d is due to forbidden ioctl(2)s related to
carp(4).

This permits reading or execing anything from the filesystem, but at least
prevents creating/writing/deleting files, and regress tests still pass.

Comments? OK?

Index: relayd.c
===================================================================
RCS file: /cvs/src/usr.sbin/relayd/relayd.c,v
retrieving revision 1.182
diff -u -p -u -r1.182 relayd.c
--- relayd.c    15 Sep 2019 19:23:29 -0000      1.182
+++ relayd.c    18 Jun 2020 22:19:50 -0000
@@ -223,6 +223,11 @@ main(int argc, char *argv[])
        if (ps->ps_noaction == 0)
                log_info("startup");
 
+       if (unveil("/", "rx") == -1)
+               err(1, "unveil");
+       if (unveil(NULL, NULL) == -1)
+               err(1, "unveil");
+
        event_init();
 
        signal_set(&ps->ps_evsigint, SIGINT, parent_sig_handler, ps);
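Review bot: the `unveil("/", "rx")` call grants read and exec on the entire filesystem without an in-code explanation, so a later reader is likely to "tighten" it and break config includes or check scripts; add a comment above it stating the rationale the cover e-mail gives, e.g. `/* "rx" on "/": config includes and check scripts are resolved at runtime */`. Also, both failure paths report the same string `"unveil"`, which makes it impossible to tell from the error which of the two calls failed; consider distinct messages such as `"unveil /"` and `"unveil lock"`.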
