enqueue pledge: getmailname() needs dns, ~/dead.letter needs cpath/wpath

ok jung@, ok millert@

diff --git a/usr.sbin/smtpd/enqueue.c b/usr.sbin/smtpd/enqueue.c
index 7a3c150..510c188 100644 (file)
--- a/usr.sbin/smtpd/enqueue.c
+++ b/usr.sbin/smtpd/enqueue.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: enqueue.c,v 1.103 2015/10/17 16:20:46 sunil Exp $     */
+/*     $OpenBSD: enqueue.c,v 1.104 2015/10/27 21:01:09 gilles Exp $    */
 
 /*
  * Copyright (c) 2005 Henning Brauer <henning@bulabula.org>
@@ -296,7 +296,7 @@ enqueue(int argc, char *argv[], FILE *ofp)
        if ((msg.fd = open_connection()) == -1)
                errx(EX_UNAVAILABLE, "server too busy");
 
-       if (pledge("stdio", NULL) == -1)
+       if (pledge("stdio wpath cpath", NULL) == -1)
                err(1, "pledge");
 
        fout = fdopen(msg.fd, "a+");

diff --git a/usr.sbin/smtpd/smtpctl.c b/usr.sbin/smtpd/smtpctl.c
index d34e5b2..26e9747 100644 (file)
--- a/usr.sbin/smtpd/smtpctl.c
+++ b/usr.sbin/smtpd/smtpctl.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: smtpctl.c,v 1.132 2015/10/16 13:37:44 millert Exp $   */
+/*     $OpenBSD: smtpctl.c,v 1.133 2015/10/27 21:01:09 gilles Exp $    */
 
 /*
  * Copyright (c) 2013 Eric Faurot <eric@openbsd.org>
@@ -932,7 +932,8 @@ main(int argc, char **argv)
                        err(1, "setresgid");
 
                /* we'll reduce further down the road */
-               if (pledge("stdio rpath tmppath flock getpw recvfd", NULL) == -1)
+               if (pledge("stdio rpath wpath cpath tmppath flock "
+                       "dns getpw recvfd", NULL) == -1)
                        err(1, "pledge");
                
                sendmail = 1;