unveil hotplugd

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

unveil hotplugd

Ricardo Mestre-2
Hi,

hotplugd(8) needs to open(2) `device' with read permissions, /dev/hotplug by
default but can be changed via arguments. Then it needs read/execute on both
_PATH_ETC_HOTPLUG_{ATTACH,DETACH} to access(2) and execl(3) them.

Tested successfully attaching/dettaching (mount/umount) an USB pen. Comments?
OK?

Index: hotplugd.c
===================================================================
RCS file: /cvs/src/usr.sbin/hotplugd/hotplugd.c,v
retrieving revision 1.14
diff -u -p -u -r1.14 hotplugd.c
--- hotplugd.c 31 Jul 2016 20:13:12 -0000 1.14
+++ hotplugd.c 7 Nov 2018 15:31:19 -0000
@@ -61,9 +61,6 @@ main(int argc, char *argv[])
  struct sigaction sact;
  struct hotplug_event he;
 
- if (pledge("stdio rpath proc exec", NULL) == -1)
- err(1, "pledge");
-
  while ((ch = getopt(argc, argv, "d:")) != -1)
  switch (ch) {
  case 'd':
@@ -79,6 +76,15 @@ main(int argc, char *argv[])
  argv += optind;
  if (argc > 0)
  usage();
+
+ if (unveil(device, "r") == -1)
+ err(1, "unveil");
+ if (unveil(_PATH_ETC_HOTPLUG_ATTACH, "rx") == -1)
+ err(1, "unveil");
+ if (unveil(_PATH_ETC_HOTPLUG_DETACH, "rx") == -1)
+ err(1, "unveil");
+ if (pledge("stdio rpath proc exec", NULL) == -1)
+ err(1, "pledge");
 
  if ((devfd = open(device, O_RDONLY | O_CLOEXEC)) == -1)
  err(1, "%s", device);