![[BACK]](/icons/back.gif){kind=icon}
Up to [local] / src / usr.bin / sndiod
Request diff between arbitrary revisions
Default branch: MAIN
Current tag: OPENBSD_5_9
Revision 1.1 / (download) - annotate - [select for diffs], Sun Dec 20 11:38:33 2015 UTC (8 years, 5 months ago) by ratchov
Branch: MAIN
CVS Tags: OPENBSD_6_6_BASE,
OPENBSD_6_6,
OPENBSD_6_5_BASE,
OPENBSD_6_5,
OPENBSD_6_4_BASE,
OPENBSD_6_4,
OPENBSD_6_3_BASE,
OPENBSD_6_3,
OPENBSD_6_2_BASE,
OPENBSD_6_2,
OPENBSD_6_1_BASE,
OPENBSD_6_1,
OPENBSD_6_0_BASE,
OPENBSD_6_0,
OPENBSD_5_9_BASE,
OPENBSD_5_9
In case of a bug in sndiod, an attacker (a local user) could run arbitrary code as user _sndio, i.e. get a second uid. Mitigate the risk by implementing initial privilege separation as follows. Break sndiod in two processes: a chroot()ed "worker" process processing input, and a non-chroot()ed "helper" process opening devices and passing descriptors to the worker. With help from benno, claudio, semarie and gilles. ok benno, semarie and tb