Page MenuHomeFreeBSD
Differential D41381

syslogd: Pre-open null file descriptor
ClosedPublic
Actions

Authored by jfree on Aug 8 2023, 4:36 PM.
Tags
None
Referenced Files
Unknown Object (File)
Mon, Mar 17, 8:35 PM
Unknown Object (File)
Tue, Mar 11, 12:24 PM
Unknown Object (File)
Feb 20 2025, 12:31 AM
Unknown Object (File)
Feb 18 2025, 11:21 PM
Unknown Object (File)
Feb 18 2025, 7:23 PM
Unknown Object (File)
Feb 17 2025, 3:48 PM
Unknown Object (File)
Feb 17 2025, 9:35 AM
Unknown Object (File)
Jan 30 2025, 7:18 PM
View All Files
Subscribers
imp

Details

Reviewers
markj
emaste
Commits
rG7428ebfe7e25: syslogd: Pre-open null file descriptor
Summary
Open _PATH_DEVNULL before entering capability mode. Access to /dev/null
is needed for dup2() when piping commands.

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Skipped
Unit
Tests Skipped

Event Timeline

jfree created this revision.Aug 8 2023, 4:36 PM
Herald added a subscriber: imp. · View Herald TranscriptAug 8 2023, 4:36 PM
jfree requested review of this revision.Aug 8 2023, 4:36 PM
jfree added a parent revision: D41380: syslogd: Do not open console descriptor.
markj accepted this revision.Aug 11 2023, 3:06 PM
markj added inline comments.
usr.sbin/syslogd/syslogd.c
843

I think you could reasonably abort the process if /dev/null isn't accessible. Then you don't need those nulldesc >= 0 checks.

3581–3582

There is a pre-existing buglet here in that pfd[0] and [1] are not closed if pdfork() fails.

This revision is now accepted and ready to land.Aug 11 2023, 3:06 PM
jfree updated this revision to Diff 125909.Aug 12 2023, 3:50 AM

Update after rebase and address Mark's comments

This revision now requires review to proceed.Aug 12 2023, 3:50 AM
jfree updated this revision to Diff 125910.Aug 12 2023, 3:57 AM

Remove some rebasing errors (consfile got declared twice)

jfree added a child revision: D41433: syslogd: Ignore signals in sigcatch[].Aug 12 2023, 4:03 AM
markj accepted this revision.Aug 14 2023, 2:26 PM
This revision is now accepted and ready to land.Aug 14 2023, 2:26 PM
jfree updated this revision to Diff 125987.Aug 14 2023, 5:51 PM
jfree mentioned this in D41380: syslogd: Do not open console descriptor.

The nulldesc descriptor is used in waitdaemon() so open it prior to calling waitdaemon()

This revision now requires review to proceed.Aug 14 2023, 5:52 PM
jfree updated this revision to Diff 126279.Aug 20 2023, 10:17 PM

Update after peerlist rebase, adding pidfile_remove()

markj accepted this revision.Aug 23 2023, 2:39 PM
This revision is now accepted and ready to land.Aug 23 2023, 2:39 PM
Closed by commit rG7428ebfe7e25: syslogd: Pre-open null file descriptor (authored by jfree, committed by markj). · Explain WhySep 28 2023, 3:54 PM
This revision was automatically updated to reflect the committed changes.
markj added a commit: rG7428ebfe7e25: syslogd: Pre-open null file descriptor.

Revision Contents
Changeset List

PathSize
usr.sbin/
syslogd/
24 lines

Diff 125987

View Options

usr.sbin/syslogd/syslogd.c

Loading...