smtpd starts rather robustly with a gigantic pledge request group (keep

in mind that a gigantic group is already < ~50% of POSIX).  It then
grinds these down bit by bit as it sets up privsep for the various
processes.  At startup, smtpd will need the new "id" request as well.
ok gilles tedu

diff --git a/usr.sbin/smtpd/smtpd.c b/usr.sbin/smtpd/smtpd.c
index d8222db..3100b15 100644 (file)
--- a/usr.sbin/smtpd/smtpd.c
+++ b/usr.sbin/smtpd/smtpd.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: smtpd.c,v 1.248 2015/10/16 20:54:55 gilles Exp $      */
+/*     $OpenBSD: smtpd.c,v 1.249 2015/10/17 04:36:10 deraadt Exp $     */
 
 /*
  * Copyright (c) 2008 Gilles Chehade <gilles@poolp.org>
@@ -690,7 +690,8 @@ main(int argc, char *argv[])
 
        purge_task();
 
-       if (pledge("stdio rpath wpath cpath flock tmppath getpw sendfd proc exec", NULL) == -1)
+       if (pledge("stdio rpath wpath cpath flock tmppath getpw sendfd proc exec id",
+           NULL) == -1)
                err(1, "pledge");
        
        if (event_dispatch() < 0)