Author :
deraadt
Date :
2026-05-15 00:39:21
Hash :0e67b3de Message :Make __pledge_open(2) of /etc/localtime and /usr/share/zoneinfo much
more strict. If /etc/localtime is a symbolic link, allow one translation
which must land cleanly in /usr/share/zoneinfo (.. is checked for) otherwise
error with EACCES. In /usr/share/zoneinfo, do not allow symbolic links and
error with ELOOP.
Alfredo Ortega observed the non-strict handling, but agrees no specific
exploitability exists. Changing this took almost a month with many
discarded prototypes.
ok beck dgl
deraadt