diff options
| author | Theo de Raadt <deraadt@cvs.openbsd.org> | 2017-01-23 04:25:06 +0000 |
|---|---|---|
| committer | Theo de Raadt <deraadt@cvs.openbsd.org> | 2017-01-23 04:25:06 +0000 |
| commit | c79450c75979248fff1458d7acd1302286d44035 (patch) | |
| tree | c83a77c5ebcdf18c65fafeb0d7e22121efeafc5b /sbin/pflogd/privsep.c | |
| parent | 8b744ded342c9a9dbcebe93b1337bd1f0a536685 (diff) | |
Split pledge "ioctl" into "tape" and "bpf", and allow SIOCGIFGROUP only
upon "inet". Adjust the 4 programs that care about this.
Diffstat (limited to 'sbin/pflogd/privsep.c')
| -rw-r--r-- | sbin/pflogd/privsep.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/sbin/pflogd/privsep.c b/sbin/pflogd/privsep.c index 2d217a867e9..9bef398a5e9 100644 --- a/sbin/pflogd/privsep.c +++ b/sbin/pflogd/privsep.c @@ -1,4 +1,4 @@ -/* $OpenBSD: privsep.c,v 1.23 2017/01/23 03:47:37 benno Exp $ */ +/* $OpenBSD: privsep.c,v 1.24 2017/01/23 04:25:05 deraadt Exp $ */ /* * Copyright (c) 2003 Can Erkin Acar @@ -121,7 +121,7 @@ priv_init(void) #if notyet /* This needs to do bpf ioctl */ - if (pledge("stdio rpath wpath cpath ioctl sendfd proc", NULL) == -1) + if (pledge("stdio rpath wpath cpath sendfd proc bpf", NULL) == -1) err(1, "pledge"); #endif while (!gotsig_chld) { |