Page MenuHomeFreeBSD

syslogd: Pre-open null file descriptor
ClosedPublic

Authored by jfree on Aug 8 2023, 4:36 PM.
Tags
None
Referenced Files
Unknown Object (File)
Sat, Nov 16, 9:15 PM
Unknown Object (File)
Oct 21 2024, 5:27 AM
Unknown Object (File)
Oct 21 2024, 5:27 AM
Unknown Object (File)
Oct 21 2024, 5:27 AM
Unknown Object (File)
Oct 21 2024, 4:01 AM
Unknown Object (File)
Oct 21 2024, 4:01 AM
Unknown Object (File)
Oct 21 2024, 4:01 AM
Unknown Object (File)
Oct 21 2024, 4:01 AM
Subscribers

Details

Summary
Open _PATH_DEVNULL before entering capability mode. Access to /dev/null
is needed for dup2() when piping commands.

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Skipped
Unit
Tests Skipped

Event Timeline

markj added inline comments.
usr.sbin/syslogd/syslogd.c
843

I think you could reasonably abort the process if /dev/null isn't accessible. Then you don't need those nulldesc >= 0 checks.

3581–3582

There is a pre-existing buglet here in that pfd[0] and [1] are not closed if pdfork() fails.

This revision is now accepted and ready to land.Aug 11 2023, 3:06 PM

Update after rebase and address Mark's comments

This revision now requires review to proceed.Aug 12 2023, 3:50 AM

Remove some rebasing errors (consfile got declared twice)

This revision is now accepted and ready to land.Aug 14 2023, 2:26 PM

The nulldesc descriptor is used in waitdaemon() so open it prior to calling waitdaemon()

This revision now requires review to proceed.Aug 14 2023, 5:52 PM

Update after peerlist rebase, adding pidfile_remove()

This revision is now accepted and ready to land.Aug 23 2023, 2:39 PM
This revision was automatically updated to reflect the committed changes.