From 4a6fef59317af98c6cfde607002eee17683253ea Mon Sep 17 00:00:00 2001
From: Theo de Raadt <deraadt@cvs.openbsd.org>
Date: Sat, 3 Oct 2015 14:39:26 +0000
Subject: wc only opens files read-only, proceses them, and spits results to
 stdout. tame "stdio rpath" works, right before calling getopt()

---
 usr.bin/wc/wc.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

(limited to 'usr.bin')

diff --git a/usr.bin/wc/wc.c b/usr.bin/wc/wc.c
index 5f1d66f8942..8c1104e3bf4 100644
--- a/usr.bin/wc/wc.c
+++ b/usr.bin/wc/wc.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: wc.c,v 1.17 2015/01/16 06:40:14 deraadt Exp $	*/
+/*	$OpenBSD: wc.c,v 1.18 2015/10/03 14:39:25 deraadt Exp $	*/
 
 /*
  * Copyright (c) 1980, 1987, 1991, 1993
@@ -57,6 +57,9 @@ main(int argc, char *argv[])
 
 	setlocale(LC_ALL, "");
 
+	if (tame("stdio rpath", NULL) == -1)
+		err(1, "tame");
+
 	while ((ch = getopt(argc, argv, "lwchm")) != -1)
 		switch(ch) {
 		case 'l':
-- 
cgit v1.2.3