summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorRicardo Mestre <mestre@cvs.openbsd.org>2019-11-30 14:01:46 +0000
committerRicardo Mestre <mestre@cvs.openbsd.org>2019-11-30 14:01:46 +0000
commit30d087a72727bd4d1ade0a8131aff6aa65b15610 (patch)
tree30e7bc979d677d50b15d266f38ceb37edac66441
parent5be8b88c35acb81836ca43d96318f23f66578be9 (diff)
After fork(2) the pledge(2) in the parent proc can be reduced to
"stdio rpath sendfd" so that it can call {l,}stat/open and sendfd for imsg_* in order to send fds to the child proc which is already pledged by recvfd to receive them OK brynet@ deraadt@
-rw-r--r--usr.bin/file/file.c5
1 files changed, 4 insertions, 1 deletions
diff --git a/usr.bin/file/file.c b/usr.bin/file/file.c
index a0eb5a267ba..3183adb484d 100644
--- a/usr.bin/file/file.c
+++ b/usr.bin/file/file.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: file.c,v 1.68 2019/02/05 02:17:32 deraadt Exp $ */
+/* $OpenBSD: file.c,v 1.69 2019/11/30 14:01:45 mestre Exp $ */
/*
* Copyright (c) 2015 Nicholas Marriott <nicm@openbsd.org>
@@ -207,6 +207,9 @@ main(int argc, char **argv)
}
close(pair[1]);
+ if (pledge("stdio rpath sendfd", NULL) == -1)
+ err(1, "pledge");
+
fclose(magicfp);
magicfp = NULL;