diff options
| author | Theo de Raadt <deraadt@cvs.openbsd.org> | 2018-08-03 04:47:57 +0000 |
|---|---|---|
| committer | Theo de Raadt <deraadt@cvs.openbsd.org> | 2018-08-03 04:47:57 +0000 |
| commit | 126911a83d535842f491ae8b63e55f66d3d5cfc0 (patch) | |
| tree | ecf89996a313a9dec8ccf84174f651d0ceb3afdb /usr.bin | |
| parent | 4eaa6d8d468775c8ee0fa148b40802454709b4fb (diff) | |
The first unveil userland commit!
unveil _PATH_LOGIN_CONF (/etc/login.conf) which is used by
login_getclass(3) and family before doing password encode. This
is the only filename used by the program during runtime, everything
else happens on stdin/stdout.
Diffstat (limited to 'usr.bin')
| -rw-r--r-- | usr.bin/encrypt/encrypt.c | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/usr.bin/encrypt/encrypt.c b/usr.bin/encrypt/encrypt.c index 797bf397aa4..48e1d54df57 100644 --- a/usr.bin/encrypt/encrypt.c +++ b/usr.bin/encrypt/encrypt.c @@ -1,4 +1,4 @@ -/* $OpenBSD: encrypt.c,v 1.48 2018/08/03 04:19:34 deraadt Exp $ */ +/* $OpenBSD: encrypt.c,v 1.49 2018/08/03 04:47:56 deraadt Exp $ */ /* * Copyright (c) 1996, Jason Downs. All rights reserved. @@ -95,6 +95,8 @@ main(int argc, char **argv) char *extra = NULL; /* Store login class or number of rounds */ const char *errstr; + if (unveil(_PATH_LOGIN_CONF, "r") == -1) + err(1, "unveil"); if (pledge("stdio rpath tty", NULL) == -1) err(1, "pledge"); |