Page MenuHomeFreeBSD
Differential D26236

Capsicumize file(1)
Needs ReviewPublic
Actions

Authored by shubh on Aug 30 2020, 4:48 PM.
Tags
Referenced Files
Unknown Object (File)
Mon, Apr 27, 6:56 PM
Unknown Object (File)
Apr 25 2026, 9:40 AM
Unknown Object (File)
Apr 21 2026, 11:24 AM
Unknown Object (File)
Apr 20 2026, 9:13 AM
Unknown Object (File)
Apr 20 2026, 9:13 AM
Unknown Object (File)
Apr 12 2026, 1:49 AM
Unknown Object (File)
Apr 11 2026, 11:13 PM
Unknown Object (File)
Apr 11 2026, 6:22 AM
View All 72 Files
Subscribers
delphij
jonathan
capsicum

Details

Reviewers
markj
oshogbo
christos_netbsd.org
Summary

Used the cap_fileargs to open the files in capability mode.

file <multiple argument of files>

works in capability mode

This patch has a limitation:

  • file -f a.txt where a.txt has a list of files, doesn't work in capability mode
Test Plan

ktrace file a.txt
kdump | grep cap

Diff Detail

Lint
Lint Skipped
Unit
Tests Skipped

Event Timeline

shubh created this revision.Aug 30 2020, 4:48 PM
Herald added a subscriber: jonathan. · View Herald TranscriptAug 30 2020, 4:48 PM
shubh requested review of this revision.Aug 30 2020, 4:48 PM
delphij added a reviewer: christos_netbsd.org.Aug 30 2020, 10:06 PM
delphij added a subscriber: delphij.

Please be sure to talk with upstream (Christos) before making changes.

oshogbo added inline comments.Sep 6 2020, 2:13 PM
contrib/file/src/file.c
181

style.

429

I'm not sure if I'm fun of this.
Why we have two diffrent place to enter capability mode?
We can't enter one time like seccomp above?

Revision Contents
Changeset List

PathSize
contrib/
file/
src/
9 lines
34 lines
19 lines
6 lines
lib/
libmagic/
10 lines
usr.bin/
file/
10 lines

Diff 76369

View Options

contrib/file/src/file.h

Loading...
View Options

contrib/file/src/file.c

Loading...
View Options

contrib/file/src/fsmagic.c

Loading...
View Options

contrib/file/src/magic.c

Loading...
View Options

lib/libmagic/Makefile

Loading...
View Options

usr.bin/file/Makefile

Loading...