summary refs log tree commit diff
path: root/scripts/sshd_config
diff options
context:
space:
mode:
authorKlemens Nanni2021-06-06 00:20:52 +0000
committerC. McEnroe2021-06-06 10:18:52 -0400
commit0fe004c5c499b7daf76f4ac769025b5395d41220 (patch)
tree093826721ca372b63a09349badf92dacdd5d37dc /scripts/sshd_config
parent1c7a755e67cf1117349b6470efec8c723a9454c9 (diff)
OpenBSD: unveil XDG directories only when needed
The (not perfectly obvious) way catgirl crafts directories gets triggered
by unveilAll() even if no passed option requires filesystem access:

	$ env -i TERM=xterm ./catgirl -h irc.hackint.eu -R -n nobody
	catgirl: HOME unset

Here unveil(2) is used due to the "restrict" option, but besides terminfo(5)
and certificates catgirl does not need any other files, yet it tries to init
the data path -- passing XDG_DATA_HOME=/var/empty makes above invocation work
showing how the then successful path setup is not required.

Fix this by not unveiling the unneeded data path in the first place.
Diffstat (limited to 'scripts/sshd_config')
0 files changed, 0 insertions, 0 deletions