IABSD.fr/src

• Browse

  Commit

• Author : deraadt
  Date : 2026-05-18 01:25:10
  Hash : 187086bf
  Message : Since libc (currently and probably forever) only calls __pledge_open() with 3 flags (O_RDONLY, O_RDWR, and O_CLOEXEC) validate this before calling deeper kernel code. It is not trivial to check O_RDONLY because the flag isn't a bit in the 3 (valid) states represented inside O_ACCMODE (which are converted more carefully to FREAD|FWRITE nowadays). This brings me back to my youth with the open(,3) bug... ok beck