diff options
| author | Theo de Raadt <deraadt@cvs.openbsd.org> | 2015-10-07 05:21:42 +0000 |
|---|---|---|
| committer | Theo de Raadt <deraadt@cvs.openbsd.org> | 2015-10-07 05:21:42 +0000 |
| commit | 018dd96fbbc689b3264dbc5bf472daddf9d54ef8 (patch) | |
| tree | ace4ae6ab215f7aeaab2d43ba90570192d308161 | |
| parent | 6673a27c3e10414943f3183a9465af51812a781f (diff) | |
tame "stdio inet rpath cpath wpath proc" seems to be sufficient for
all the wading in here. "proc" is for the speed command, which fork()'s.
ok doug
| -rw-r--r-- | usr.bin/openssl/openssl.c | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/usr.bin/openssl/openssl.c b/usr.bin/openssl/openssl.c index 08132e8f96e..21a5aa60184 100644 --- a/usr.bin/openssl/openssl.c +++ b/usr.bin/openssl/openssl.c @@ -1,4 +1,4 @@ -/* $OpenBSD: openssl.c,v 1.13 2015/09/21 13:13:06 bcook Exp $ */ +/* $OpenBSD: openssl.c,v 1.14 2015/10/07 05:21:41 deraadt Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -114,6 +114,7 @@ #include <stdio.h> #include <string.h> #include <stdlib.h> +#include <unistd.h> #include "apps.h" @@ -435,6 +436,11 @@ main(int argc, char **argv) arg.data = NULL; arg.count = 0; + if (tame("stdio inet rpath cpath wpath proc", NULL) == -1) { + fprintf(stderr, "openssl: tame: %s\n", strerror(errno)); + exit(1); + } + bio_err = BIO_new_fp(stderr, BIO_NOCLOSE); if (bio_err == NULL) { fprintf(stderr, "openssl: failed to initialise bio_err\n"); |