Mailing List Archive

From:: "Theo de Raadt" <deraadt@openbsd.org>
Subject:: Re: watch(1) - periodically execute a command and display its output
To:: Job Snijders <job@openbsd.org>
Cc:: tech@cvs.openbsd.org
Date:: Mon, 19 May 2025 18:54:37 -0600

Download raw body.

Thread

- 2025-05-21 02:28 Ingo Schwarze:
  watch(1) - periodically execute a command and display its output
- - 2025-05-21 04:38 Florian Obser:
    watch(1) - periodically execute a command and display its output
2025-05-20 00:54 Theo de Raadt:
watch(1) - periodically execute a command and display its output
- 2025-05-20 01:04 Theo de Raadt:
  watch(1) - periodically execute a command and display its output
2025-05-20 01:01 Theo de Raadt:
watch(1) - periodically execute a command and display its output

This use of pledge "unveil" and unveil() is very ineffective.

There is no point in doing

fork + unveil + execve
              ^
              |
  apparently a patch access bug happens here?

Implausible.  These unveils are either too late, or not serving any purpose.

I believe cmdv[0] and _PATH_BSHELL are known a very long time earlier in
the program, and that is where unveil would get called.

- 2025-05-21 02:28 Ingo Schwarze:
  watch(1) - periodically execute a command and display its output
- - 2025-05-21 04:38 Florian Obser:
    watch(1) - periodically execute a command and display its output
2025-05-20 00:54 Theo de Raadt:
watch(1) - periodically execute a command and display its output
- 2025-05-20 01:04 Theo de Raadt:
  watch(1) - periodically execute a command and display its output
2025-05-20 01:01 Theo de Raadt:
watch(1) - periodically execute a command and display its output