diff options
| author | Conrad Meyer <cem@FreeBSD.org> | 2016-12-16 02:03:40 +0000 |
|---|---|---|
| committer | Conrad Meyer <cem@FreeBSD.org> | 2016-12-16 02:03:40 +0000 |
| commit | 327240c75f23d6b4bdb2385e98208749a4aae554 (patch) | |
| tree | 00e791a445d89af544ce2c00cda51b61c989ad79 /usr.bin/hexdump | |
| parent | 208a8594598481b55ed54e7bd7e6386372f542ec (diff) | |
| download | src-327240c75f23d6b4bdb2385e98208749a4aae554.tar.gz src-327240c75f23d6b4bdb2385e98208749a4aae554.zip | |
hexdump(1): First cut capsicumification
For now, only enter the sandbox for the last file processed (including
stdin for zero-argument mode).
Sandboxing all inputs will require a little restructuring of the
program.
Feedback by: emaste@ (earlier versions)
Sponsored by: Dell EMC Isilon
Differential Revision: https://reviews.freebsd.org/D7915
Notes
Notes:
svn path=/head/; revision=310143
Diffstat (limited to 'usr.bin/hexdump')
| -rw-r--r-- | usr.bin/hexdump/display.c | 16 | ||||
| -rw-r--r-- | usr.bin/hexdump/hexdump.c | 11 |
2 files changed, 27 insertions, 0 deletions
diff --git a/usr.bin/hexdump/display.c b/usr.bin/hexdump/display.c index 36230aa7da58..afa4672bc935 100644 --- a/usr.bin/hexdump/display.c +++ b/usr.bin/hexdump/display.c @@ -36,10 +36,13 @@ static char sccsid[] = "@(#)display.c 8.1 (Berkeley) 6/6/93"; __FBSDID("$FreeBSD$"); #include <sys/param.h> +#include <sys/capsicum.h> #include <sys/stat.h> +#include <capsicum_helpers.h> #include <ctype.h> #include <err.h> +#include <errno.h> #include <stdio.h> #include <stdlib.h> #include <string.h> @@ -355,6 +358,19 @@ next(char **argv) return(0); statok = 0; } + + if (caph_limit_stream(fileno(stdin), CAPH_READ) < 0) + err(1, "unable to restrict %s", + statok ? _argv[-1] : "stdin"); + + /* + * We've opened our last input file; enter capsicum sandbox. + */ + if (*_argv == NULL) { + if (cap_enter() < 0 && errno != ENOSYS) + err(1, "unable to enter capability mode"); + } + if (skip) doskip(statok ? *_argv : "stdin", statok); if (*_argv) diff --git a/usr.bin/hexdump/hexdump.c b/usr.bin/hexdump/hexdump.c index d3c4bb51bac7..450c05316dbe 100644 --- a/usr.bin/hexdump/hexdump.c +++ b/usr.bin/hexdump/hexdump.c @@ -42,6 +42,9 @@ static char sccsid[] = "@(#)hexdump.c 8.1 (Berkeley) 6/6/93"; __FBSDID("$FreeBSD$"); #include <sys/types.h> +#include <sys/capsicum.h> +#include <capsicum_helpers.h> +#include <err.h> #include <locale.h> #include <stdlib.h> #include <stdio.h> @@ -76,6 +79,14 @@ main(int argc, char *argv[]) for (tfs = fshead; tfs; tfs = tfs->nextfs) rewrite(tfs); + /* + * Cache NLS data, for strerror, for err(3), before entering capability + * mode. + */ + caph_cache_catpages(); + if (caph_limit_stdio() < 0) + err(1, "capsicum"); + (void)next(argv); display(); exit(exitval); |