Prevent patch(1) from scribbling all over the place.
from tedu to openbsd on 25 Jul 2023 16:21

Arguably the only sensible use of patch(1) is changing files in the current working directory and subdirectories.

However, patch(1) has this anti-feature, or dare I say bug, where it will happily follow "../" upwards and outside of the current working directory to find files to change. All it takes is a line like
+++ ../../../../home/florian/.ssh/authorized_keys
in the patchfile.

patch(1) operates on untrusted input and it already pledge(2)'ed to not execute arbitrary programs, but of course it needs to write files.

A simple unveil(".", "rwc") restricts patch(1) to its current working directory.
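As an added illustration (not code from patch(1) or from this post), the two C functions below do the lexical check a userland scanner could apply to "---"/"+++" header lines: they flag the authorized_keys line quoted above and any absolute path, but, being string-only, they cannot see symlinks, which is why the kernel-enforced unveil(".", "rwc") is the real fix rather than something like this.

```c
#include <stdbool.h>
#include <string.h>

/* Lexical check: does a relative path climb above the directory it starts
 * in? Absolute paths are rejected outright. This only looks at the string;
 * it cannot see symlinks, which is why unveil(2) is the real enforcement. */
bool path_escapes_cwd(const char *path)
{
    int depth = 0;
    const char *p = path;

    if (*p == '/')
        return true;                      /* absolute: never inside cwd */
    while (*p != '\0') {
        const char *seg = p;
        size_t len;
        while (*p != '\0' && *p != '/')
            p++;
        len = (size_t)(p - seg);
        if (len == 2 && seg[0] == '.' && seg[1] == '.') {
            if (--depth < 0)              /* ".." past the starting point */
                return true;
        } else if (len > 0 && !(len == 1 && seg[0] == '.')) {
            depth++;                      /* ordinary component */
        }
        while (*p == '/')
            p++;                          /* collapse repeated slashes */
    }
    return false;
}

/* Apply the check to one "--- name" / "+++ name" header line of a unified
 * diff, ignoring the optional tab-separated timestamp. Lines that are not
 * file headers name no file and return false. */
bool header_line_escapes(const char *line)
{
    char path[1024];
    size_t n;

    if (strncmp(line, "+++ ", 4) != 0 && strncmp(line, "--- ", 4) != 0)
        return false;
    n = strcspn(line + 4, "\t\n");
    if (n >= sizeof(path))
        return true;                      /* too long to inspect: refuse */
    memcpy(path, line + 4, n);
    path[n] = '\0';
    return path_escapes_cwd(path);
}
```

The header lines used to exercise it are constructed samples, not a real patch.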
