diff options
| author | Alexandre Ratchov <ratchov@cvs.openbsd.org> | 2015-12-23 20:12:19 +0000 |
|---|---|---|
| committer | Alexandre Ratchov <ratchov@cvs.openbsd.org> | 2015-12-23 20:12:19 +0000 |
| commit | a05cf413ad986d393d2fb68e706b95e7c3e805f4 (patch) | |
| tree | 78ba2f7a0a72c58fd25d7cc0f5940ba138d219ec /usr.bin/sndiod/sndiod.c | |
| parent | b99117c3ee22bd70e4494f3226cf66b980493502 (diff) | |
Add pledge calls to both "helper" and "worker" processes.
ok deraadt, semarie
Diffstat (limited to 'usr.bin/sndiod/sndiod.c')
| -rw-r--r-- | usr.bin/sndiod/sndiod.c | 11 |
1 files changed, 10 insertions, 1 deletions
diff --git a/usr.bin/sndiod/sndiod.c b/usr.bin/sndiod/sndiod.c index 18aaeaf7e94..7f32f5bb7ed 100644 --- a/usr.bin/sndiod/sndiod.c +++ b/usr.bin/sndiod/sndiod.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sndiod.c,v 1.21 2015/12/23 12:24:12 ratchov Exp $ */ +/* $OpenBSD: sndiod.c,v 1.22 2015/12/23 20:12:18 ratchov Exp $ */ /* * Copyright (c) 2008-2012 Alexandre Ratchov <alex@caoua.org> * @@ -507,6 +507,8 @@ main(int argc, char **argv) setresuid(hpw_uid, hpw_uid, hpw_uid)) err(1, "cannot drop privileges"); } + if (pledge("stdio sendfd rpath wpath", NULL) < 0) + err(1, "pledge"); while (file_poll()) ; /* nothing */ } else { @@ -551,6 +553,13 @@ main(int argc, char **argv) setresuid(wpw_uid, wpw_uid, wpw_uid)) err(1, "cannot drop privileges"); } + if (tcpaddr) { + if (pledge("stdio audio recvfd unix inet", NULL) == -1) + err(1, "pledge"); + } else { + if (pledge("stdio audio recvfd unix", NULL) == -1) + err(1, "pledge"); + } for (;;) { if (quit_flag) break; |