Page MenuHomeFreeBSD
Differential D26236

Capsicumize file(1)
Needs ReviewPublic
Actions

Authored by shubh on Aug 30 2020, 4:48 PM.
Tags
Referenced Files
Unknown Object (File)
Sat, Nov 1, 8:54 PM
Unknown Object (File)
Mon, Oct 20, 10:16 PM
Unknown Object (File)
Oct 8 2025, 7:00 AM
Unknown Object (File)
Sep 27 2025, 7:33 AM
Unknown Object (File)
Sep 17 2025, 12:20 PM
Unknown Object (File)
Sep 10 2025, 11:37 AM
Unknown Object (File)
Sep 6 2025, 4:15 PM
Unknown Object (File)
Sep 2 2025, 9:04 PM
View All 51 Files
Subscribers
delphij
jonathan
capsicum

Details

Reviewers
markj
oshogbo
christos_netbsd.org
Summary

Used the cap_fileargs to open the files in capability mode.

file <multiple argument of files>

works in capability mode

This patch has a limitation:

  • file -f a.txt where a.txt has a list of files, doesn't work in capability mode
Test Plan

ktrace file a.txt
kdump | grep cap

Diff Detail

Lint
Lint Skipped
Unit
Tests Skipped

Event Timeline

shubh created this revision.Aug 30 2020, 4:48 PM
Herald added a subscriber: jonathan. · View Herald TranscriptAug 30 2020, 4:48 PM
shubh requested review of this revision.Aug 30 2020, 4:48 PM
delphij added a reviewer: christos_netbsd.org.Aug 30 2020, 10:06 PM
delphij added a subscriber: delphij.

Please be sure to talk with upstream (Christos) before making changes.

oshogbo added inline comments.Sep 6 2020, 2:13 PM
contrib/file/src/file.c
181

style.

429

I'm not sure if I'm fun of this.
Why we have two diffrent place to enter capability mode?
We can't enter one time like seccomp above?

Revision Contents
Changeset List

PathSize
contrib/
file/
src/
9 lines
34 lines
19 lines
6 lines
lib/
libmagic/
10 lines
usr.bin/
file/
10 lines

Diff 76369

View Options

contrib/file/src/file.h

Loading...
View Options

contrib/file/src/file.c

Loading...
View Options

contrib/file/src/fsmagic.c

Loading...
View Options

contrib/file/src/magic.c

Loading...
View Options

lib/libmagic/Makefile

Loading...
View Options

usr.bin/file/Makefile

Loading...