Tighten pledge in List and Append mode:

Drop "wpath cpath fattr dpath" in read-only: - cpio -i -t < test.tar - pax < test.tar - tar -t -f test.tar Drop "cpath fattr dpath" in read-write: - echo foo | cpio -o -A -H ustar -O test.tar - tar -r -f test.tar foo - pax -w -a -f test.tar foo Other modes remain unchanged and thus can create or modify files. Feedback OK millert
2025-01-04 15:25:38 -08:00 · 2023-11-09 18:54:15 +00:00 · 2023-11-09 18:54:15 +00:00 · 067bf70efe
commit 067bf70efe
parent 79e44c4617
2 changed files with 37 additions and 11 deletions
--- a/bin/pax/ar_io.c
+++ b/bin/pax/ar_io.c
@ -1,4 +1,4 @@
-/*	$OpenBSD: ar_io.c,v 1.63 2019/06/28 13:34:59 deraadt Exp $	*/
+/*	$OpenBSD: ar_io.c,v 1.64 2023/11/09 18:54:15 kn Exp $	*/
 /*	$NetBSD: ar_io.c,v 1.5 1996/03/26 23:54:13 mrg Exp $	*/

 /*-
@ -1261,9 +1261,16 @@ ar_start_gzip(int fd, const char *path, int wr)
 		close(fds[1]);

 		if (pmode == 0 || (act != EXTRACT && act != COPY)) {
-		    if (pledge("stdio rpath wpath cpath fattr dpath getpw proc tape",
-			NULL) == -1)
-				err(1, "pledge");
+			if (act == LIST) {
+				if (pledge("stdio rpath getpw proc tape",
+				   NULL) == -1)
+					err(1, "pledge");
+			/* can not gzip while appending */
+			} else {
+				if (pledge("stdio rpath wpath cpath fattr dpath getpw proc tape",
+				   NULL) == -1)
+					err(1, "pledge");
+			}
 		}
 	} else {
 		if (wr) {
--- a/bin/pax/pax.c
+++ b/bin/pax/pax.c
@ -1,4 +1,4 @@
-/*	$OpenBSD: pax.c,v 1.55 2023/10/15 09:49:57 kn Exp $	*/
+/*	$OpenBSD: pax.c,v 1.56 2023/11/09 18:54:15 kn Exp $	*/
 /*	$NetBSD: pax.c,v 1.5 1996/03/26 23:54:20 mrg Exp $	*/

 /*-
@ -273,13 +273,32 @@ main(int argc, char **argv)
 	if (pmode == 0 || (act != EXTRACT && act != COPY)) {
 		/* Copy mode, or no gzip -- don't need to fork/exec. */
 		if (gzip_program == NULL || act == COPY) {
-			if (pledge("stdio rpath wpath cpath fattr dpath getpw tape",
-			    NULL) == -1)
-				err(1, "pledge");
+			/* List mode -- don't need to write/create/modify files. */
+			if (act == LIST) {
+				if (pledge("stdio rpath getpw tape",
+				    NULL) == -1)
+					err(1, "pledge");
+			/* Append mode -- don't need to create/modify files. */
+			} else if (act == APPND) {
+				if (pledge("stdio rpath wpath getpw tape",
+				    NULL) == -1)
+					err(1, "pledge");
+			} else {
+				if (pledge("stdio rpath wpath cpath fattr dpath getpw tape",
+				    NULL) == -1)
+					err(1, "pledge");
+			}
 		} else {
-			if (pledge("stdio rpath wpath cpath fattr dpath getpw proc exec tape",
-			    NULL) == -1)
-				err(1, "pledge");
+			if (act == LIST) {
+				if (pledge("stdio rpath getpw proc exec tape",
+				    NULL) == -1)
+					err(1, "pledge");
+			/* can not gzip while appending */
+			} else {
+				if (pledge("stdio rpath wpath cpath fattr dpath getpw proc exec tape",
+				    NULL) == -1)
+					err(1, "pledge");
+			}
 		}
 	}