diff options
| author | Theo de Raadt <deraadt@cvs.openbsd.org> | 2015-11-13 18:09:36 +0000 |
|---|---|---|
| committer | Theo de Raadt <deraadt@cvs.openbsd.org> | 2015-11-13 18:09:36 +0000 |
| commit | e4910e98b08d2e69fed76b531907a6b33d615275 (patch) | |
| tree | bf87db5da7d902a94caf8f6f915b6e7c293c57d7 /gnu/gcc | |
| parent | f4eab46608e0432dfbcb2c4e9620b7820b18ec7f (diff) | |
Both gcc & collect2 can pledge "stdio rpath wpath cpath proc exec".
(cc1 "toplev.c" uses brk/sbrk, so it is on hold to figure out the right
direction...)
ok semarie pascal
Diffstat (limited to 'gnu/gcc')
| -rw-r--r-- | gnu/gcc/gcc/collect2.c | 5 | ||||
| -rw-r--r-- | gnu/gcc/gcc/gcc.c | 5 |
2 files changed, 10 insertions, 0 deletions
diff --git a/gnu/gcc/gcc/collect2.c b/gnu/gcc/gcc/collect2.c index f507e25e47d..f621abf0681 100644 --- a/gnu/gcc/gcc/collect2.c +++ b/gnu/gcc/gcc/collect2.c @@ -797,6 +797,11 @@ main (int argc, char **argv) no_demangle = !! getenv ("COLLECT_NO_DEMANGLE"); + if (pledge ("stdio rpath wpath cpath proc exec", NULL) == -1) { + error ("cannot pledge"); + collect_exit (1); + } + /* Suppress demangling by the real linker, which may be broken. */ putenv (xstrdup ("COLLECT_NO_DEMANGLE=")); diff --git a/gnu/gcc/gcc/gcc.c b/gnu/gcc/gcc/gcc.c index c466fee4689..c59eef8df78 100644 --- a/gnu/gcc/gcc/gcc.c +++ b/gnu/gcc/gcc/gcc.c @@ -6094,6 +6094,11 @@ main (int argc, char **argv) xmalloc_set_program_name (programname); + if (pledge ("stdio rpath wpath cpath proc exec", NULL) == -1) { + error ("pledge", xstrerror (errno)); + exit (1); + } + expandargv (&argc, &argv); prune_options (&argc, &argv); |