From 3af1fc9b8de7c5c9e9855c82fe9652dfefa875e9 Mon Sep 17 00:00:00 2001 From: kn Date: Tue, 4 Oct 2022 07:01:38 +0000 Subject: [PATCH] Unveil /tftpboot only if needed Unless -t is used, this directory is not accessed in any way. OK millert --- usr.sbin/rarpd/rarpd.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/usr.sbin/rarpd/rarpd.c b/usr.sbin/rarpd/rarpd.c index fbb0b953eb9..881039427ad 100644 --- a/usr.sbin/rarpd/rarpd.c +++ b/usr.sbin/rarpd/rarpd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rarpd.c,v 1.79 2021/11/15 15:14:24 millert Exp $ */ +/* $OpenBSD: rarpd.c,v 1.80 2022/10/04 07:01:38 kn Exp $ */ /* $NetBSD: rarpd.c,v 1.25 1998/04/23 02:48:33 mrg Exp $ */ /* @@ -339,8 +339,9 @@ rarp_loop(void) arptab_init(); - if (unveil(TFTP_DIR, "r") == -1) - error("unveil %s", TFTP_DIR); + if (tflag) + if (unveil(TFTP_DIR, "r") == -1) + error("unveil %s", TFTP_DIR); if (unveil("/etc/ethers", "r") == -1) error("unveil /etc/ethers"); if (pledge("stdio rpath dns", NULL) == -1)