diff options
| author | Ricardo Mestre <mestre@cvs.openbsd.org> | 2020-05-25 09:14:51 +0000 |
|---|---|---|
| committer | Ricardo Mestre <mestre@cvs.openbsd.org> | 2020-05-25 09:14:51 +0000 |
| commit | dc20892ded4cc025bb0b07b6685e4fc927d967e6 (patch) | |
| tree | d15c765e681be82f4b3a0da16c622cbb09adaaf7 | |
| parent | 3e39b250169e8ef15507000e9603f0a5558e90da (diff) | |
For regular users sndioctl(1) can be restricted to pledge(2) "stdio", but since
it can also be run by root to access the raw devices directly for testing
purposes it also needs "audio" promise
hint from semarie@ ok ratchov@
| -rw-r--r-- | usr.bin/sndioctl/sndioctl.c | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/usr.bin/sndioctl/sndioctl.c b/usr.bin/sndioctl/sndioctl.c index d919122fe9c..d04cbeb925d 100644 --- a/usr.bin/sndioctl/sndioctl.c +++ b/usr.bin/sndioctl/sndioctl.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sndioctl.c,v 1.10 2020/05/17 05:39:32 ratchov Exp $ */ +/* $OpenBSD: sndioctl.c,v 1.11 2020/05/25 09:14:50 mestre Exp $ */ /* * Copyright (c) 2014-2020 Alexandre Ratchov <alex@caoua.org> * @@ -948,6 +948,13 @@ main(int argc, char **argv) fprintf(stderr, "%s: can't open control device\n", devname); exit(1); } + + if (pledge("stdio audio", NULL) == -1) { + fprintf(stderr, "%s: pledge: %s\n", getprogname(), + strerror(errno)); + exit(1); + } + if (!sioctl_ondesc(hdl, ondesc, NULL)) { fprintf(stderr, "%s: can't get device description\n", devname); exit(1); |