authormestre <mestre@openbsd.org>2016-02-05 10:18:01 +0000
committermestre <mestre@openbsd.org>2016-02-05 10:18:01 +0000
commitc2496191fa1fe7a31b76bd0d7983ee7e0802287e (patch)
treeecff4aaaf8595453188e4b303bded50cf873016f
parentpledge(2) for talkd(8): (diff)
pledge(2) for talk(1):
At the beginning the largest pledge is the following:
- rpath: read ~/.terminfo (the reason was changed, as pointed out by semarie@)
- inet/dns: talk may need to connect to a remote host and resolve it
- getpw: if getlogin(2) fails then it needs getpwuid(3) as a fallback
- tty: this is a typical tty application, so it'll always need this annotation

Then, just before the application main loop, check whether the talk is with a local user, in which case it only needs "stdio tty"; if it's remote then it needs "stdio inet tty". I couldn't test this with a remote host to confirm whether it needs inet or not, but as per jca@'s comment "tighter settings - if possible - can happen later".

ok jca@ and also discussed with tb@
-rw-r--r--usr.bin/talk/talk.c15
1 files changed, 14 insertions, 1 deletions
diff --git a/usr.bin/talk/talk.c b/usr.bin/talk/talk.c
index b10ad857a5a..0c9e4f362b3 100644
--- a/usr.bin/talk/talk.c
+++ b/usr.bin/talk/talk.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: talk.c,v 1.10 2016/02/01 07:29:25 mestre Exp $ */
+/* $OpenBSD: talk.c,v 1.11 2016/02/05 10:18:01 mestre Exp $ */
/* $NetBSD: talk.c,v 1.3 1994/12/09 02:14:25 jtc Exp $ */
/*
@@ -35,6 +35,7 @@
#include <unistd.h>
#include "talk.h"
+#include "talk_ctl.h"
/*
* talk: A visual form of write. Using sockets, a two way
@@ -53,6 +54,9 @@
int
main(int argc, char *argv[])
{
+ if (pledge("stdio rpath inet dns getpw tty", NULL) == -1)
+ err(1, "pledge");
+
get_names(argc, argv);
init_display();
open_ctl();
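Review bot: The initial `pledge("stdio rpath inet dns getpw tty", NULL)` at the top of `main()` carries no in-code rationale for its promises; the reasons for `rpath`, `inet`/`dns` and `getpw` live only in the commit message, which makes later tightening harder to audit. A short comment above the call would keep that with the code, e.g. `/* rpath: ~/.terminfo; inet dns: remote host lookup/connect; getpw: getpwuid(3) fallback */`. main()'s body continues past this hunk.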
@@ -62,6 +66,15 @@ main(int argc, char *argv[])
invite_remote();
end_msgs();
set_edit_chars();
+
+ if (his_machine_addr.s_addr == my_machine_addr.s_addr) {
+ if (pledge("stdio tty", NULL) == -1)
+ err(1, "pledge");
+ } else {
+ if (pledge("stdio tty", NULL) == -1)
+ err(1, "pledge");
+ }
+
talk();
return (0);
}
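Review bot: Both branches of the new address check call `pledge("stdio tty", NULL)`, so the `if`/`else` on `his_machine_addr.s_addr == my_machine_addr.s_addr` has no effect, and it disagrees with the commit message, which says the remote case keeps "stdio inet tty". If a remote conversation still performs an operation covered by `inet` inside `talk()`, the process would be killed on the pledge violation, and the message states this path was not tested against a remote host. Either make the else branch `if (pledge("stdio inet tty", NULL) == -1)` as described, or, once `inet` is confirmed unnecessary, collapse the conditional into a single `pledge("stdio tty", NULL)` call.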