Started by D-Bus, this upowerd(8) runs as root without the usual OpenBSD security considerations.
upowerd(8) used to support scripts, but deprecated them in 2013. I don't see any other code that would fork or exec stuff. apm(4) ioctls are not covered by pledge(2), sensor reading via sysctl(2) should be, though. So as with openbsdisks2, unveil("/", "rwc") to strip the x bit. `upower --monitor-detail' and replugging my notebook's power cable still provides all the details. Works for me on Xfce. Feedback? Objection? OK?
Index: Makefile =================================================================== RCS file: /cvs/ports/sysutils/upower/Makefile,v diff -u -p -r1.71 Makefile --- Makefile 17 Oct 2023 08:15:21 -0000 1.71 +++ Makefile 8 Nov 2023 12:26:28 -0000 @@ -5,6 +5,7 @@ COMMENT = userland power management inte V = v1.90.2 DISTNAME = upower-${V} PKGNAME = upower-${V:S/v//} +REVISION = 0 CATEGORIES = sysutils SHARED_LIBS += upower-glib 3.0 @@ -17,6 +18,7 @@ MAINTAINER = Landry Breuil <landry@openb # GPLv2+ PERMIT_PACKAGE= Yes +# uses unveil() WANTLIB += c gio-2.0 glib-2.0 gobject-2.0 m MODULES = devel/meson Index: patches/patch-src_up-main_c =================================================================== RCS file: patches/patch-src_up-main_c diff -N patches/patch-src_up-main_c --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ patches/patch-src_up-main_c 8 Nov 2023 13:38:35 -0000 @@ -0,0 +1,26 @@ +Uncovered apm(4) ioctl(2) prevents pledge(2) usage. +unveil(2) all files read-write-create to prevent execution. + +Index: src/up-main.c +--- src/up-main.c.orig ++++ src/up-main.c +@@ -22,6 +22,7 @@ + + #include "config.h" + ++#include <err.h> + #include <string.h> + #include <signal.h> + #include <sys/types.h> +@@ -183,6 +184,11 @@ main (gint argc, gchar **argv) + UpState *state; + GBusNameOwnerFlags bus_flags; + gboolean replace = FALSE; ++ ++ if (unveil("/", "rwc") == -1) ++ err(1, "unveil /"); ++ if (unveil(NULL, NULL) == -1) ++ err(1, "unveil NULL"); + + const GOptionEntry options[] = { + { "timed-exit", '\0', 0, G_OPTION_ARG_NONE, &timed_exit,
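Review bot: In the main() hunk of patches/patch-src_up-main_c, the two unveil() calls are placed between `gboolean replace = FALSE;` and the `const GOptionEntry options[]` declaration, so statements now precede a declaration; moving the block below the last local declaration would keep the function's declarations together. The include hunk adds only `<err.h>`, and the visible context lists `<string.h>`, `<signal.h>` and `<sys/types.h>`; unveil(2) is declared in `<unistd.h>`, so it is worth confirming that header is already included or adding it next to `<err.h>`. The patch description could also state that "rwc" on "/" keeps read, write and create access to the whole filesystem for a daemon running as root and removes only execute, so the scope of the restriction is clear to the next reader.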