Page MenuHomeFreeBSD

syslogd: Pre-open null file descriptor
ClosedPublic

Authored by jfree on Aug 8 2023, 4:36 PM.
Tags
None
Referenced Files
Unknown Object (File)
Wed, Jan 22, 6:18 AM
Unknown Object (File)
Thu, Jan 16, 3:43 AM
Unknown Object (File)
Nov 30 2024, 10:18 AM
Unknown Object (File)
Nov 27 2024, 11:49 PM
Unknown Object (File)
Nov 27 2024, 8:45 AM
Unknown Object (File)
Nov 16 2024, 9:15 PM
Unknown Object (File)
Oct 21 2024, 5:27 AM
Unknown Object (File)
Oct 21 2024, 5:27 AM
Subscribers

Details

Summary
Open _PATH_DEVNULL before entering capability mode. Access to /dev/null
is needed for dup2() when piping commands.

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

markj added inline comments.
usr.sbin/syslogd/syslogd.c
871

I think you could reasonably abort the process if /dev/null isn't accessible. Then you don't need those nulldesc >= 0 checks.

3611–3612

There is a pre-existing buglet here in that pfd[0] and [1] are not closed if pdfork() fails.

This revision is now accepted and ready to land.Aug 11 2023, 3:06 PM

Update after rebase and address Mark's comments

This revision now requires review to proceed.Aug 12 2023, 3:50 AM

Remove some rebasing errors (consfile got declared twice)

This revision is now accepted and ready to land.Aug 14 2023, 2:26 PM

The nulldesc descriptor is used in waitdaemon() so open it prior to calling waitdaemon()

This revision now requires review to proceed.Aug 14 2023, 5:52 PM

Update after peerlist rebase, adding pidfile_remove()

This revision is now accepted and ready to land.Aug 23 2023, 2:39 PM
This revision was automatically updated to reflect the committed changes.