author Ricardo Mestre <mestre@cvs.openbsd.org> 2019-08-10 01:30:54 +0000
committer Ricardo Mestre <mestre@cvs.openbsd.org> 2019-08-10 01:30:54 +0000
commit 3a2b5b6269ed550cbc37a571c4cfe7615e9bf12e (patch)
tree 5e11e9264158aabd05e080b19b5ed321ce3dd5b6 /etc/root
parent 7f429250c453f4a46f6680a28b067efe439ade11 (diff)

Like we did on other daemons that cannot be pledged due to forbidden ioctls the main process can be unveiled to restrict filesystem access. In this case we can restrict it to only read, although it must be the entire / since the daemon is able to include config files from anywhere.

Additionally the ldpe process currently has cpath promise to unlink the socket, nevertheless the socket is actually unlinked from the main proc so this permission can be removed.

As we discussed before, leaving the socket behind doesn't do any harm that's why I didn't unveil it in the main proc.

OK deraadt@

Diffstat (limited to 'etc/root')
0 files changed, 0 insertions, 0 deletions