diff options
| -rw-r--r-- | usr.sbin/syslogd/privsep.c | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/usr.sbin/syslogd/privsep.c b/usr.sbin/syslogd/privsep.c index 94f6b2ad4f1..4487650e88d 100644 --- a/usr.sbin/syslogd/privsep.c +++ b/usr.sbin/syslogd/privsep.c @@ -1,4 +1,4 @@ -/* $OpenBSD: privsep.c,v 1.56 2015/10/15 20:26:47 bluhm Exp $ */ +/* $OpenBSD: privsep.c,v 1.57 2015/10/16 16:10:10 bluhm Exp $ */ /* * Copyright (c) 2003 Anil Madhavapeddy <anil@recoil.org> @@ -144,6 +144,10 @@ priv_init(char *conf, int numeric, int lockfd, int nullfd, char *argv[]) return 0; } + if (pledge("stdio rpath wpath cpath inet dns getpw sendfd proc exec", + NULL) == -1) + err(1, "pledge priv"); + if (!Debug) { close(lockfd); dup2(nullfd, STDIN_FILENO); |