Hi,
_PATH_MASTERPASSWD_LOCK is opened, from libutil, with O_WRONLY|O_CREAT and then
unlinked when not necessary anymore so it doesn't need read permissions.
OK?
Index: local_passwd.c
===================================================================
RCS file: /cvs/src/usr.bin/passwd/local_passwd.c,v
retrieving revision 1.59
diff -u -p -u -r1.59 local_passwd.c
--- local_passwd.c 12 Jul 2021 15:09:20 -0000 1.59
+++ local_passwd.c 30 Jul 2021 15:41:05 -0000
@@ -72,7 +72,7 @@ local_passwd(char *uname, int authentica
return(1);
}
- if (unveil(_PATH_MASTERPASSWD_LOCK, "rwc") == -1)
+ if (unveil(_PATH_MASTERPASSWD_LOCK, "wc") == -1)
err(1, "unveil %s", _PATH_MASTERPASSWD_LOCK);
if (unveil(_PATH_MASTERPASSWD, "r") == -1)
err(1, "unveil %s", _PATH_MASTERPASSWD);
