FreeBSD Mail Archives

Date:      Fri, 7 Oct 2022 00:52:05 GMT
From:      "Simon J. Gerraty" <sjg@FreeBSD.org>
To:        src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org
Subject:   git: f48114b653a2 - main - ldd: ignore unverified files
Message-ID:  <202210070052.2970q5de065305@gitrepo.freebsd.org>

next in thread | raw e-mail | index | archive | help

The branch main has been updated by sjg:

URL: https://cgit.FreeBSD.org/src/commit/?id=f48114b653a2a3d8f817ad68186235595ce304ed

commit f48114b653a2a3d8f817ad68186235595ce304ed
Author:     Simon J. Gerraty <sjg@FreeBSD.org>
AuthorDate: 2022-10-07 00:51:28 +0000
Commit:     Simon J. Gerraty <sjg@FreeBSD.org>
CommitDate: 2022-10-07 00:51:28 +0000

    ldd: ignore unverified files
    
    When mac_veriexec is enforcing, we won't run unverified binaries,
    don't let ldd examine them either.
    
    Reviewed by:    stevek emaste
    MFC after:      1 week
    Sponsored by:   Juniper Networks, Inc.
    Differential Revision:  https://reviews.freebsd.org/D36897
---
 usr.bin/ldd/ldd.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/usr.bin/ldd/ldd.c b/usr.bin/ldd/ldd.c
index 8897c8cbfbc2..2cd2a4c72324 100644
--- a/usr.bin/ldd/ldd.c
+++ b/usr.bin/ldd/ldd.c
@@ -169,7 +169,7 @@ main(int argc, char *argv[])
 
 	rval = 0;
 	for (; argc > 0; argc--, argv++) {
-		if ((fd = open(*argv, O_RDONLY, 0)) < 0) {
+		if ((fd = open(*argv, O_RDONLY | O_VERIFY, 0)) < 0) {
 			warn("%s", *argv);
 			rval |= 1;
 			continue;

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202210070052.2970q5de065305>

Header And Logo

Peripheral Links

Site Navigation

Header And Logo

Peripheral Links

Search

Site Navigation