From owner-p4-projects@FreeBSD.ORG Wed Feb 3 15:29:50 2010 Date: Wed, 3 Feb 2010 15:29:49 GMT Message-Id: <201002031529.o13FTnRr069773@repoman.freebsd.org>
From: Robert Watson To: Perforce Change Reviews Precedence: bulk Cc: Subject: PERFORCE change 174240 for review X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.5 List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 03 Feb 2010 15:29:50 -0000 http://p4web.freebsd.org/chv.cgi?CH=174240 Change 174240 by rwatson@rwatson_vimage_client on 2010/02/03 15:29:13 Further constrain sandboxed tcpdump: don't allow excessive access to stdin, stdout, and stderr. Affected files ... .. //depot/projects/trustedbsd/capabilities/src/contrib/tcpdump/tcpdump.c#6 edit .. //depot/projects/trustedbsd/capabilities/src/usr.sbin/tcpdump/tcpdump/Makefile#3 edit Differences ... ==== //depot/projects/trustedbsd/capabilities/src/contrib/tcpdump/tcpdump.c#6 (text+ko) ==== @@ -77,6 +77,7 @@ #endif /* WIN32 */ #include +#include #include "netdissect.h" #include "interface.h" @@ -1198,6 +1199,12 @@ (void)fflush(stderr); } #endif /* WIN32 */ + if (lc_limitfd(STDIN_FILENO, CAP_FSTAT) < 0) + error("lc_limitfd: unable to limit STDIN_FILENO"); + if (lc_limitfd(STDOUT_FILENO, CAP_FSTAT | CAP_SEEK | CAP_WRITE) < 0) + error("lc_limitfd: unable to limit STDIN_FILENO"); + if (lc_limitfd(STDERR_FILENO, CAP_FSTAT | CAP_SEEK | CAP_WRITE) < 0) + error("lc_limitfd: unable to limit STDIN_FILENO"); if (cap_enter() < 0) error("cap_enter: %s", pcap_strerror(errno)); status = pcap_loop(pd, cnt, callback, pcap_userdata); ==== //depot/projects/trustedbsd/capabilities/src/usr.sbin/tcpdump/tcpdump/Makefile#3 (text+ko) ==== @@ -50,8 +50,8 @@ CFLAGS+= -DLBL_ALIGN .endif -DPADD= ${LIBL} ${LIBPCAP} -LDADD= -ll -lpcap +DPADD= ${LIBL} ${LIBPCAP} ${LIBCAPSICUM} +LDADD= -ll -lpcap -lcapsicum .if ${MK_OPENSSL} != "no" && !defined(RELEASE_CRUNCH) DPADD+= ${LIBCRYPTO} LDADD+= -lcrypto
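Review bot: in the tcpdump.c hunk at @@ -1198,6 +1199,12 the error strings for the STDOUT_FILENO and STDERR_FILENO lc_limitfd() calls both say "unable to limit STDIN_FILENO", copied from the first call, so a failure on either descriptor would be reported against the wrong one. Each message should name the descriptor it guards. None of the three messages includes errno, while the cap_enter() check immediately below passes pcap_strerror(errno); using the same "%s" form here would make a failed limit diagnosable. A short comment above the block stating why stdin is reduced to CAP_FSTAT only and why stdout and stderr keep CAP_SEEK alongside CAP_WRITE would document the intended rights set for the next reader.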
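Review bot: the Makefile hunk at @@ -50,8 +50,8 adds ${LIBCAPSICUM} and -lcapsicum unconditionally, whereas the libcrypto dependency in the context lines just below is gated on MK_OPENSSL. Since the lc_limitfd() and cap_enter() calls in tcpdump.c are also unguarded, the hard dependency is consistent, but it deserves a one-line comment next to LDADD saying that tcpdump now requires libcapsicum. If the sandbox is meant to be optional, put the library and the calls behind the same build knob.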