diff options
| author | Nicholas Marriott <nicm@cvs.openbsd.org> | 2015-10-25 00:02:01 +0000 |
|---|---|---|
| committer | Nicholas Marriott <nicm@cvs.openbsd.org> | 2015-10-25 00:02:01 +0000 |
| commit | a86da25fabc6cee69632a5e98f64135c30a21238 (patch) | |
| tree | 561a89df74e280929432d446d5f4fe9f71ed5d3a /sys/kern | |
| parent | ce296644bb242be4fc997dcffd6a1bfccaa6a7ad (diff) | |
Allow getsockopt(IP_OPTIONS) (with inet), needed by portmap (for RPC).
ok deraadt
Diffstat (limited to 'sys/kern')
| -rw-r--r-- | sys/kern/kern_pledge.c | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/sys/kern/kern_pledge.c b/sys/kern/kern_pledge.c index 4840300478b..f5211a06ba6 100644 --- a/sys/kern/kern_pledge.c +++ b/sys/kern/kern_pledge.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kern_pledge.c,v 1.68 2015/10/23 15:53:49 deraadt Exp $ */ +/* $OpenBSD: kern_pledge.c,v 1.69 2015/10/25 00:02:00 nicm Exp $ */ /* * Copyright (c) 2015 Nicholas Marriott <nicm@openbsd.org> @@ -1193,6 +1193,10 @@ pledge_sockopt_check(struct proc *p, int level, int optname) break; case IPPROTO_IP: switch (optname) { + case IP_OPTIONS: + if (p->p_pledge_syscall == SYS_getsockopt) + return (0); + break; case IP_TOS: case IP_TTL: case IP_MINTTL: |