summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--usr.sbin/tcpdump/privsep.c4
-rw-r--r--usr.sbin/tcpdump/tcpdump.c4
2 files changed, 6 insertions, 2 deletions
diff --git a/usr.sbin/tcpdump/privsep.c b/usr.sbin/tcpdump/privsep.c
index 354b384a1f3..dc1ab16392b 100644
--- a/usr.sbin/tcpdump/privsep.c
+++ b/usr.sbin/tcpdump/privsep.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: privsep.c,v 1.35 2015/08/21 02:07:32 deraadt Exp $ */
+/* $OpenBSD: privsep.c,v 1.36 2015/10/03 00:51:08 deraadt Exp $ */
/*
* Copyright (c) 2003 Can Erkin Acar
@@ -281,6 +281,8 @@ priv_init(int argc, char **argv)
case PRIV_INIT_DONE:
test_state(cmd, STATE_RUN);
impl_init_done(socks[0], &bpfd);
+ if (tame("malloc cmsg inet ioctl dns rpath", NULL) == -1)
+ err(1, "tame");
break;
case PRIV_GETHOSTBYADDR:
test_state(cmd, STATE_RUN);
diff --git a/usr.sbin/tcpdump/tcpdump.c b/usr.sbin/tcpdump/tcpdump.c
index f9bcac98f4d..d32f0a25e1c 100644
--- a/usr.sbin/tcpdump/tcpdump.c
+++ b/usr.sbin/tcpdump/tcpdump.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tcpdump.c,v 1.72 2015/07/14 20:23:40 deraadt Exp $ */
+/* $OpenBSD: tcpdump.c,v 1.73 2015/10/03 00:51:08 deraadt Exp $ */
/*
* Copyright (c) 1988, 1989, 1990, 1991, 1992, 1993, 1994, 1995, 1996, 1997
@@ -490,6 +490,8 @@ main(int argc, char **argv)
if (tflag > 0)
thiszone = gmt2local(0);
+ if (tame("stdio", NULL) == -1)
+ err(1, "tame");
if (pcap_loop(pd, cnt, printer, pcap_userdata) < 0) {
(void)fprintf(stderr, "%s: pcap_loop: %s\n",
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-25 12:21:44 +0000