mirror.osn.de :: Status
Status
Age (hh:mm:ss) of last commit: 01:55:01
Last commit message:
CVSROOT: /cvs Module name: src Changes by: deraadt@cvs.openbsd.org 2026/03/08 20:44:04 Modified files: sys/kern : sys_generic.c uipc_usrreq.c vfs_syscalls.c Log message: If a fd came from libc doing the __pledge_open(2) system call, do not allow write(2), chmod(2), chflags(2), chown(2), ftruncate(2), or fdpassing. pledge_open(2) is an unexported interface that libc will use (soon) to open 2 devices (null and tty), about 9 files (based upon pledge promises), and files within the zoneinfo directory. This works because libc only reads from those fd. Currently those files are openable by non-libc code, but soon only static libc code will be able to do those opens. This does not transition libc to using the new system call, yet. Based upon long discussions with david leadbeater and beck.
![[Powered by OpenBSD]](openbsd.png){kind=small}
![[Valid XHTML 1.0]](valid-xhtml10.png){kind=small}
![[Hosted by OSN]](osn.png){kind=small}