this cpp operates file using pledge "stdio rpath wpath cpath"

author deraadt <deraadt@openbsd.org>

Fri, 9 Oct 2015 12:20:18 +0000 (12:20 +0000)

committer deraadt <deraadt@openbsd.org>

Fri, 9 Oct 2015 12:20:18 +0000 (12:20 +0000)
author deraadt <deraadt@openbsd.org>
Fri, 9 Oct 2015 12:20:18 +0000 (12:20 +0000)
committer deraadt <deraadt@openbsd.org>
Fri, 9 Oct 2015 12:20:18 +0000 (12:20 +0000)
diff --git a/libexec/tradcpp/main.c b/libexec/tradcpp/main.c

index eae7f44..267c279 100644 (file)
--- a/libexec/tradcpp/main.c
+++ b/libexec/tradcpp/main.c
@@ -31,6 +31,7 @@
  #include <stdio.h>
  #include <stdarg.h>
  #include <stdlib.h>
+#include <unistd.h>
  #include <string.h>
  #include <errno.h>
  
@@ -1037,6 +1038,11 @@ main(int argc, char *argv[])
         progname = progname == NULL ? argv[0] : progname + 1;
         complain_init(progname);
  
+       if (pledge("stdio rpath wpath cpath", NULL) == -1) {
+               fprintf(stderr, "%s: pledge: %s", progname, strerror(errno));
+               exit(1);
+       }
+
         init();
  
         for (i=1; i<argc; i++) {
author	deraadt <deraadt@openbsd.org>
	Fri, 9 Oct 2015 12:20:18 +0000 (12:20 +0000)
committer	deraadt <deraadt@openbsd.org>
	Fri, 9 Oct 2015 12:20:18 +0000 (12:20 +0000)