PR: 276915
Reported by: Hannes Hauswedell <h2+fbsdports@fsfe.org>
Repository: rG FreeBSD src repository
Lint: Not Applicable
Unit Tests: Not Applicable
Event Timeline
Inline comment on sbin/md5/md5.c, line 633:
It's not obvious to me that we want to limit rights on stdin as well (we might want CAP_IOCTL as well, for instance). Do the tests all pass when the kern.trap_enotcap sysctl is set to 1?
Inline comment on sbin/md5/md5.c, line 633:
Presumably it should also work if e.g. the user passes /dev/stdin as a file; I think it should be OK to apply the same &rights to files and stdin (even if more rights may be needed in the list).
Inline comment on sbin/md5/md5.c, line 633:
Normally for stdin we'd call caph_limit_stdin() which is _more_ restrictive than what we're asking for here, so it's fine.
Inline comment on sbin/md5/md5.c, line 633:
I think that's backwards? caph_limit_stdin() is less restrictive, e.g., because it includes CAP_IOCTL. In any case, I think this caph_rights_limit() call was useless before - we pass the rights to fileargs_open(), so they're applied automatically. We don't need to call it again here. I would suggest removing this call outright and replacing the existing caph_limit_stdout/stderr() calls with a caph_limit_stdio() call. We're still left with inconsistent behaviour for the /dev/stdin case as emaste mentioned, but that's probably harmless.
I agree with Mark's comments on cap_rights_limit, though I think that's also an orthogonal fix.