git: c3e9317fde85 - stable/12 - ldd: ignore unverified files
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Sat, 15 Oct 2022 16:12:28 UTC
The branch stable/12 has been updated by sjg: URL: https://cgit.FreeBSD.org/src/commit/?id=c3e9317fde85e273f1ca2c5060570f3bd90caca3 commit c3e9317fde85e273f1ca2c5060570f3bd90caca3 Author: Simon J. Gerraty <sjg@FreeBSD.org> AuthorDate: 2022-10-07 00:51:28 +0000 Commit: Simon J. Gerraty <sjg@FreeBSD.org> CommitDate: 2022-10-15 16:11:59 +0000 ldd: ignore unverified files When mac_veriexec is enforcing, we won't run unverified binaries, don't let ldd examine them either. Reviewed by: stevek emaste MFC after: 1 week Sponsored by: Juniper Networks, Inc. Differential Revision: https://reviews.freebsd.org/D36897 (cherry picked from commit f48114b653a2a3d8f817ad68186235595ce304ed) --- usr.bin/ldd/ldd.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/usr.bin/ldd/ldd.c b/usr.bin/ldd/ldd.c index 5631b03b7bc9..d237850be765 100644 --- a/usr.bin/ldd/ldd.c +++ b/usr.bin/ldd/ldd.c @@ -190,7 +190,7 @@ main(int argc, char *argv[]) for (; argc > 0; argc--, argv++) { int fd, status, is_shlib, rv, type; - if ((fd = open(*argv, O_RDONLY, 0)) < 0) { + if ((fd = open(*argv, O_RDONLY | O_VERIFY, 0)) < 0) { warn("%s", *argv); rval |= 1; continue;