tmux can call pledge() in main with large set and then reduce it

slightly in the server to "stdio rpath wpath cpath fattr unix recvfd
proc exec tty ps".

diff --git a/usr.bin/tmux/server.c b/usr.bin/tmux/server.c
index b8c892c..741b7ed 100644 (file)
--- a/usr.bin/tmux/server.c
+++ b/usr.bin/tmux/server.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: server.c,v 1.142 2015/10/22 10:48:30 nicm Exp $ */
+/* $OpenBSD: server.c,v 1.143 2015/10/23 16:07:29 nicm Exp $ */
 
 /*
  * Copyright (c) 2007 Nicholas Marriott <nicm@users.sourceforge.net>
@@ -178,6 +178,10 @@ server_start(struct event_base *base, int lockfd, char *lockfile)
        }
        close(pair[0]);
 
+       if (pledge("stdio rpath wpath cpath fattr unix recvfd proc exec tty "
+           "ps", NULL) != 0)
+               fatal("pledge failed");
+
        /*
         * Must daemonise before loading configuration as the PID changes so
         * $TMUX would be wrong for sessions created in the config file.

diff --git a/usr.bin/tmux/tmux.c b/usr.bin/tmux/tmux.c
index 91d28da..11fde3a 100644 (file)
--- a/usr.bin/tmux/tmux.c
+++ b/usr.bin/tmux/tmux.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tmux.c,v 1.144 2015/09/14 12:12:24 nicm Exp $ */
+/* $OpenBSD: tmux.c,v 1.145 2015/10/23 16:07:29 nicm Exp $ */
 
 /*
  * Copyright (c) 2007 Nicholas Marriott <nicm@users.sourceforge.net>
@@ -19,6 +19,7 @@
 #include <sys/types.h>
 #include <sys/stat.h>
 
+#include <err.h>
 #include <errno.h>
 #include <event.h>
 #include <fcntl.h>
@@ -254,6 +255,10 @@ main(int argc, char **argv)
        if (shell_cmd != NULL && argc != 0)
                usage();
 
+       if (pledge("stdio rpath wpath cpath flock fattr unix sendfd recvfd "
+           "proc exec tty ps", NULL) != 0)
+               err(1, "pledge");
+
        if (!(flags & CLIENT_UTF8)) {
                /*
                 * If the user has set whichever of LC_ALL, LC_CTYPE or LANG