Browse Source

Revert back previous commit, we have decided that socket files don't cause any

harm if not deleted after the daemon is shutdown and at the same time we also
tackle another attack surface by not allowing the program to create/delete
any more files (by removing "cpath" promise from pledge(2)).
Discussion initiated by a question from deraadt@ OK florian@
OPENBSD_6_4
mestre 6 years ago
parent
commit
7b9d9ca1a6
3 changed files with 4 additions and 13 deletions
  1. +1
    -8
      src/usr.sbin/ntpd/control.c
  2. +2
    -3
      src/usr.sbin/ntpd/ntpd.c
  3. +1
    -2
      src/usr.sbin/ntpd/ntpd.h

+ 1
- 8
src/usr.sbin/ntpd/control.c View File

@ -1,4 +1,4 @@
/* $OpenBSD: control.c,v 1.12 2017/01/09 14:04:31 krw Exp $ */
/* $OpenBSD: control.c,v 1.13 2018/08/04 11:07:14 mestre Exp $ */
/* /*
* Copyright (c) 2003, 2004 Henning Brauer <henning@openbsd.org> * Copyright (c) 2003, 2004 Henning Brauer <henning@openbsd.org>
@ -99,13 +99,6 @@ control_shutdown(int fd)
close(fd); close(fd);
} }
void
control_cleanup(const char *path)
{
if (path)
unlink(path);
}
int int
control_accept(int listenfd) control_accept(int listenfd)
{ {


+ 2
- 3
src/usr.sbin/ntpd/ntpd.c View File

@ -1,4 +1,4 @@
/* $OpenBSD: ntpd.c,v 1.114 2018/08/02 13:05:34 mestre Exp $ */
/* $OpenBSD: ntpd.c,v 1.115 2018/08/04 11:07:14 mestre Exp $ */
/* /*
* Copyright (c) 2003, 2004 Henning Brauer <henning@openbsd.org> * Copyright (c) 2003, 2004 Henning Brauer <henning@openbsd.org>
@ -244,7 +244,7 @@ main(int argc, char *argv[])
* Constraint processes are forked with certificates in memory, * Constraint processes are forked with certificates in memory,
* then privdrop into chroot before speaking to the outside world. * then privdrop into chroot before speaking to the outside world.
*/ */
if (pledge("stdio rpath cpath inet settime proc exec id", NULL) == -1)
if (pledge("stdio rpath inet settime proc exec id", NULL) == -1)
err(1, "pledge"); err(1, "pledge");
while (quit == 0) { while (quit == 0) {
@ -327,7 +327,6 @@ main(int argc, char *argv[])
msgbuf_clear(&ibuf->w); msgbuf_clear(&ibuf->w);
free(ibuf); free(ibuf);
control_cleanup(CTLSOCKET);
log_info("Terminating"); log_info("Terminating");
return (0); return (0);
} }


+ 1
- 2
src/usr.sbin/ntpd/ntpd.h View File

@ -1,4 +1,4 @@
/* $OpenBSD: ntpd.h,v 1.135 2017/05/30 23:30:48 benno Exp $ */
/* $OpenBSD: ntpd.h,v 1.136 2018/08/04 11:07:14 mestre Exp $ */
/* /*
* Copyright (c) 2003, 2004 Henning Brauer <henning@openbsd.org> * Copyright (c) 2003, 2004 Henning Brauer <henning@openbsd.org>
@ -397,7 +397,6 @@ void ntp_dns(struct ntpd_conf *, struct passwd *);
int control_init(char *); int control_init(char *);
int control_listen(int); int control_listen(int);
void control_shutdown(int); void control_shutdown(int);
void control_cleanup(const char *);
int control_accept(int); int control_accept(int);
struct ctl_conn *control_connbyfd(int); struct ctl_conn *control_connbyfd(int);
int control_close(int); int control_close(int);


Loading…
Cancel
Save