diff options
| author | Mariusz Zaborski <oshogbo@FreeBSD.org> | 2016-10-07 19:02:13 +0000 |
|---|---|---|
| committer | Mariusz Zaborski <oshogbo@FreeBSD.org> | 2016-10-07 19:02:13 +0000 |
| commit | abdfa0b19c10ffe333b4782ec146c9f76592eb4a (patch) | |
| tree | 453aa782cb8799b55ebbbd1a6c77e5c0442ec2b9 /usr.bin/cmp/cmp.c | |
| parent | a4e3fc54a0b2fe6f829b80fde801516aec045e9b (diff) | |
| download | src-abdfa0b19c10ffe333b4782ec146c9f76592eb4a.tar.gz src-abdfa0b19c10ffe333b4782ec146c9f76592eb4a.zip | |
Restrict stdin if it's not in use.
Reviewed by: emaste, cem
Differential Revision: https://reviews.freebsd.org/D8184
Notes
Notes:
svn path=/head/; revision=306820
Diffstat (limited to 'usr.bin/cmp/cmp.c')
| -rw-r--r-- | usr.bin/cmp/cmp.c | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/usr.bin/cmp/cmp.c b/usr.bin/cmp/cmp.c index 2aa5603e49ef..a49aebce21c5 100644 --- a/usr.bin/cmp/cmp.c +++ b/usr.bin/cmp/cmp.c @@ -164,6 +164,14 @@ main(int argc, char *argv[]) if (cap_fcntls_limit(fd2, fcntls) < 0 && errno != ENOSYS) err(ERR_EXIT, "unable to limit fcntls for %s", file2); + if (!special) { + cap_rights_init(&rights); + if (cap_rights_limit(STDIN_FILENO, &rights) < 0 && + errno != ENOSYS) { + err(ERR_EXIT, "unable to limit stdio"); + } + } + if (caph_limit_stdout() == -1 || caph_limit_stderr() == -1) err(ERR_EXIT, "unable to limit stdio"); |