diff options
| author | Theo de Raadt <deraadt@cvs.openbsd.org> | 2015-10-07 20:26:17 +0000 |
|---|---|---|
| committer | Theo de Raadt <deraadt@cvs.openbsd.org> | 2015-10-07 20:26:17 +0000 |
| commit | 2a9b76132894f734d31edb1f3e036a11e4b5abae (patch) | |
| tree | affacacf14c72d5bafe3da9c328ac1833fec02be /usr.sbin/bgpd | |
| parent | fed6ee32d8ace0616ba7919bab62d4f1bfd16712 (diff) | |
In theory, bgpd should be happy with tame "stdio unix route recvfd".
Let's hear from people's experiences by commiting it.
Diffstat (limited to 'usr.sbin/bgpd')
| -rw-r--r-- | usr.sbin/bgpd/rde.c | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/usr.sbin/bgpd/rde.c b/usr.sbin/bgpd/rde.c index 40dd5b6a538..4d83e62cfeb 100644 --- a/usr.sbin/bgpd/rde.c +++ b/usr.sbin/bgpd/rde.c @@ -1,4 +1,4 @@ -/* $OpenBSD: rde.c,v 1.339 2015/09/21 09:47:15 phessler Exp $ */ +/* $OpenBSD: rde.c,v 1.340 2015/10/07 20:26:16 deraadt Exp $ */ /* * Copyright (c) 2003, 2004 Henning Brauer <henning@openbsd.org> @@ -30,6 +30,7 @@ #include <stdlib.h> #include <string.h> #include <unistd.h> +#include <err.h> #include "bgpd.h" #include "mrt.h" @@ -186,6 +187,9 @@ rde_main(int debug, int verbose) setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid)) fatal("can't drop privileges"); + if (tame("stdio unix route recvfd", NULL) == -1) + fatal("tame"); + signal(SIGTERM, rde_sighdlr); signal(SIGINT, rde_sighdlr); signal(SIGPIPE, SIG_IGN); |