snmpd(8)'s main process needs to open the config file and /dev/pf both with

read permissions, but once it reaches pledge(2) just before the main loop both
were already opened. Since snmpd(8) doesn't have a way to load or reload the
config file, not even through SIGHUP, then rpath promise is not needed.

The snmpe process cannot yet be pledged, but it doesn't need fs access so we
can disable the access through unveil("/", ""); unveil(NULL, NULL);

"looks right" to deraadt@

0 files changed, 0 insertions, 0 deletions