diff options
| author | Ricardo Mestre <mestre@cvs.openbsd.org> | 2018-07-26 19:32:53 +0000 |
|---|---|---|
| committer | Ricardo Mestre <mestre@cvs.openbsd.org> | 2018-07-26 19:32:53 +0000 |
| commit | 4309b99144af2ef8432fb0b77a319e9ca54c2ae7 (patch) | |
| tree | 571cb3dde3a19ea6df8f210e5a6994b223a48f0b | |
| parent | 87fbac49d97ac5a8ed2e35adf06518f31796f356 (diff) | |
reduce pledge(2) to the bare minimum:
after dbopen(3) occurs then all operations are on fds which don't need
rpath/wpath and therefore spamdb(8) only needs stdio at all times after the DB
was already open(2)ed
great input from semarie@ OK deraadt@
| -rw-r--r-- | usr.sbin/spamdb/spamdb.c | 11 |
1 files changed, 3 insertions, 8 deletions
diff --git a/usr.sbin/spamdb/spamdb.c b/usr.sbin/spamdb/spamdb.c index f1766db50c5..871605ca826 100644 --- a/usr.sbin/spamdb/spamdb.c +++ b/usr.sbin/spamdb/spamdb.c @@ -1,4 +1,4 @@ -/* $OpenBSD: spamdb.c,v 1.34 2017/10/29 19:11:34 millert Exp $ */ +/* $OpenBSD: spamdb.c,v 1.35 2018/07/26 19:32:52 mestre Exp $ */ /* * Copyright (c) 2004 Bob Beck. All rights reserved. @@ -368,13 +368,8 @@ main(int argc, char **argv) action ? "writing" : "reading"); } - if (action == 0) { - if (pledge("stdio rpath", NULL) == -1) - err(1, "pledge"); - } else { - if (pledge("stdio rpath wpath", NULL) == -1) - err(1, "pledge"); - } + if (pledge("stdio", NULL) == -1) + err(1, "pledge"); switch (action) { case 0: |