We cannot tame if -R is specified, because mknod and mkfifo may be called.

But in other cases, we can use tame "stdio rpath wpath cpath fattr", including
for the historical -r option.

diff --git a/bin/cp/cp.c b/bin/cp/cp.c
index cf8e001..001f4c5 100644 (file)
--- a/bin/cp/cp.c
+++ b/bin/cp/cp.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: cp.c,v 1.38 2015/05/07 17:32:20 guenther Exp $        */
+/*     $OpenBSD: cp.c,v 1.39 2015/10/07 15:44:58 deraadt Exp $ */
 /*     $NetBSD: cp.c,v 1.14 1995/09/07 06:14:51 jtc Exp $      */
 
 /*
@@ -129,6 +129,11 @@ main(int argc, char *argv[])
        argc -= optind;
        argv += optind;
 
+       /* unfortunately, -R will use mkfifo & mknod */
+       if (Rflag == 0)
+               if (tame("stdio rpath wpath cpath fattr", NULL) == -1)
+                       err(1, "tame");
+
        if (argc < 2)
                usage();