diff options
| author | Theo de Raadt <deraadt@cvs.openbsd.org> | 2015-10-17 04:36:11 +0000 |
|---|---|---|
| committer | Theo de Raadt <deraadt@cvs.openbsd.org> | 2015-10-17 04:36:11 +0000 |
| commit | 4c936f73fc46d0a92bdd9221ac1160cedca459f1 (patch) | |
| tree | c58c0198956fe60353dadeaa6fa0d9a9c8bad094 | |
| parent | 91f4ee60a964065867404c19d0634fcf9fe85b21 (diff) | |
smtpd starts rather robustly with a gigantic pledge request group (keep
in mind that a gigantic group is already < ~50% of POSIX). It then
grinds these down bit by bit as it sets up privsep for the various
processes. At startup, smtpd will need the new "id" request as well.
ok gilles tedu
| -rw-r--r-- | usr.sbin/smtpd/smtpd.c | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/usr.sbin/smtpd/smtpd.c b/usr.sbin/smtpd/smtpd.c index d8222dbca86..3100b156ece 100644 --- a/usr.sbin/smtpd/smtpd.c +++ b/usr.sbin/smtpd/smtpd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: smtpd.c,v 1.248 2015/10/16 20:54:55 gilles Exp $ */ +/* $OpenBSD: smtpd.c,v 1.249 2015/10/17 04:36:10 deraadt Exp $ */ /* * Copyright (c) 2008 Gilles Chehade <gilles@poolp.org> @@ -690,7 +690,8 @@ main(int argc, char *argv[]) purge_task(); - if (pledge("stdio rpath wpath cpath flock tmppath getpw sendfd proc exec", NULL) == -1) + if (pledge("stdio rpath wpath cpath flock tmppath getpw sendfd proc exec id", + NULL) == -1) err(1, "pledge"); if (event_dispatch() < 0) |