tame "stdio getpw rpath wpath tty". "tty" allows this to use

author deraadt <deraadt@openbsd.org>

Wed, 7 Oct 2015 04:05:24 +0000 (04:05 +0000)

committer deraadt <deraadt@openbsd.org>

Wed, 7 Oct 2015 04:05:24 +0000 (04:05 +0000)
author deraadt <deraadt@openbsd.org>
Wed, 7 Oct 2015 04:05:24 +0000 (04:05 +0000)
committer deraadt <deraadt@openbsd.org>
Wed, 7 Oct 2015 04:05:24 +0000 (04:05 +0000)
diff --git a/usr.bin/lock/lock.c b/usr.bin/lock/lock.c

index 1227649..b1a31de 100644 (file)
--- a/usr.bin/lock/lock.c
+++ b/usr.bin/lock/lock.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: lock.c,v 1.28 2015/01/16 06:40:09 deraadt Exp $       */
+/*     $OpenBSD: lock.c,v 1.29 2015/10/07 04:05:24 deraadt Exp $       */
  /*     $NetBSD: lock.c,v 1.8 1996/05/07 18:32:31 jtc Exp $     */
  
  /*
@@ -90,6 +90,9 @@ main(int argc, char *argv[])
         usemine = 0;
         no_timeout = 0;
  
+       if (tame("stdio getpw rpath wpath tty", NULL) == -1)
+               err(1, "tame");
+
         if (!(pw = getpwuid(getuid())))
                 errx(1, "unknown uid %u.", getuid());
author	deraadt <deraadt@openbsd.org>
	Wed, 7 Oct 2015 04:05:24 +0000 (04:05 +0000)
committer	deraadt <deraadt@openbsd.org>
	Wed, 7 Oct 2015 04:05:24 +0000 (04:05 +0000)