From d4219bc7fdb4080940d8453b1ebe1388cddbc9c2 Mon Sep 17 00:00:00 2001
From: rob <rob@cvs.openbsd.org>
Date: Sat, 12 Aug 2017 04:29:58 +0000
Subject: Initial pledge for snmpd. snmpe remains unpledged. Regression tests
 pass.

Ok benno@, jca@.
---
 usr.sbin/snmpd/snmpe.c | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

(limited to 'usr.sbin/snmpd/snmpe.c')

diff --git a/usr.sbin/snmpd/snmpe.c b/usr.sbin/snmpd/snmpe.c
index 34fe283baa5..a6be72e01ab 100644
--- a/usr.sbin/snmpd/snmpe.c
+++ b/usr.sbin/snmpd/snmpe.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: snmpe.c,v 1.48 2017/07/27 14:04:16 gerhard Exp $	*/
+/*	$OpenBSD: snmpe.c,v 1.49 2017/08/12 04:29:57 rob Exp $	*/
 
 /*
  * Copyright (c) 2007, 2008, 2012 Reyk Floeter <reyk@openbsd.org>
@@ -105,6 +105,15 @@ snmpe_init(struct privsep *ps, struct privsep_proc *p, void *arg)
 		    snmpe_recvmsg, env);
 		event_add(&so->s_ev, NULL);
 	}
+
+#ifdef notyet
+	/*
+	 * XXX Refactoring required to move illegal ioctls and sysctls.
+	 * XXX See mps_* and if_mib in mib.c, etc.
+	 */
+	if (pledge("stdio inet route recvfd vminfo", NULL) == -1)
+		fatal("pledge");
+#endif
 }
 
 void
-- 
cgit v1.2.3