diff options
| author | Theo de Raadt <deraadt@cvs.openbsd.org> | 2015-10-12 01:40:10 +0000 |
|---|---|---|
| committer | Theo de Raadt <deraadt@cvs.openbsd.org> | 2015-10-12 01:40:10 +0000 |
| commit | cb7acb501dd1106a743aada9d2189d01c9d5ce29 (patch) | |
| tree | 612afbf42c042caf92e811b576db78ff7cf85518 /usr.sbin | |
| parent | 82ae1400b34ee4d3ab073f9db09bba8f615ff666 (diff) | |
pledge() "stdio" includes trusting open&read of the root-owned timezone
databases located at system paths (a reasonable bar had to be chosen; in
the future we can replace the interfaces, since this effort is identifying
them and placing their paths in a visble place), so this program only
needs "stdio"
ok doug
Diffstat (limited to 'usr.sbin')
| -rw-r--r-- | usr.sbin/zdump/zdump.c | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/usr.sbin/zdump/zdump.c b/usr.sbin/zdump/zdump.c index 20261861858..f3f38be2428 100644 --- a/usr.sbin/zdump/zdump.c +++ b/usr.sbin/zdump/zdump.c @@ -1,4 +1,4 @@ -/* $OpenBSD: zdump.c,v 1.10 2015/04/23 05:26:33 deraadt Exp $ */ +/* $OpenBSD: zdump.c,v 1.11 2015/10/12 01:40:09 deraadt Exp $ */ /* ** This file is in the public domain, so clarified as of ** 2009-05-17 by Arthur David Olson. @@ -121,6 +121,9 @@ main(int argc, char *argv[]) struct tm tm, newtm, *tmp, *newtmp; char **fakeenv; + if (pledge("stdio", NULL) == -1) + perror("pledge"); + while ((c = getopt(argc, argv, "c:v")) == 'c' || c == 'v') { switch (c) { case 'v': |