summaryrefslogtreecommitdiff
path: root/usr.sbin/relayd
diff options
context:
space:
mode:
authorSebastian Benoit <benno@cvs.openbsd.org>2015-10-10 00:16:24 +0000
committerSebastian Benoit <benno@cvs.openbsd.org>2015-10-10 00:16:24 +0000
commitc868cbebbf078cf2fe2d961589d30763845f1690 (patch)
tree4676f241784500cd5ca113984ae1e6dba15f8c5c /usr.sbin/relayd
parentd99d72847c8739b235f180aabb664817824b6a5f (diff)
relayd's ca process pledges to only use stdio.
ok deraadt@
Diffstat (limited to 'usr.sbin/relayd')
-rw-r--r--usr.sbin/relayd/ca.c5
1 files changed, 4 insertions, 1 deletions
diff --git a/usr.sbin/relayd/ca.c b/usr.sbin/relayd/ca.c
index 81f9971771d..977151b0b6e 100644
--- a/usr.sbin/relayd/ca.c
+++ b/usr.sbin/relayd/ca.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ca.c,v 1.13 2015/05/02 13:15:24 claudio Exp $ */
+/* $OpenBSD: ca.c,v 1.14 2015/10/10 00:16:23 benno Exp $ */
/*
* Copyright (c) 2014 Reyk Floeter <reyk@openbsd.org>
@@ -73,6 +73,9 @@ ca(struct privsep *ps, struct privsep_proc *p)
void
ca_init(struct privsep *ps, struct privsep_proc *p, void *arg)
{
+ if (pledge("stdio", NULL) == -1)
+ fatal("pledge");
+
if (config_init(ps->ps_env) == -1)
fatal("failed to initialize configuration");
generated by cgit v1.2.3 (git 2.25.1) at 2024-12-03 04:48:43 +0000