pledge() timeout

author job <job@openbsd.org>

Wed, 1 Sep 2021 16:04:40 +0000 (16:04 +0000)

committer job <job@openbsd.org>

Wed, 1 Sep 2021 16:04:40 +0000 (16:04 +0000)
author job <job@openbsd.org>
Wed, 1 Sep 2021 16:04:40 +0000 (16:04 +0000)
committer job <job@openbsd.org>
Wed, 1 Sep 2021 16:04:40 +0000 (16:04 +0000)
diff --git a/usr.bin/timeout/timeout.c b/usr.bin/timeout/timeout.c

index d2b1459..6ad14e8 100644 (file)
--- a/usr.bin/timeout/timeout.c
+++ b/usr.bin/timeout/timeout.c
@@ -193,11 +193,6 @@ main(int argc, char **argv)
                 SIGQUIT,
         };
  
-       foreground = preserve = 0;
-       second_kill = 0;
-       cpid = -1;
-       pgid = -1;
-
         const struct option longopts[] = {
                 { "preserve-status", no_argument,       &preserve,    1 },
                 { "foreground",      no_argument,       &foreground,  1 },
@@ -207,6 +202,14 @@ main(int argc, char **argv)
                 { NULL,              0,                 NULL,         0 }
         };
  
+       if (pledge("stdio proc exec", NULL) == -1)
+               err(1, "pledge");
+
+       foreground = preserve = 0;
+       second_kill = 0;
+       cpid = -1;
+       pgid = -1;
+
         while ((ch = getopt_long(argc, argv, "+k:s:h", longopts, NULL)) != -1) {
                 switch (ch) {
                 case 'k':
@@ -276,6 +279,9 @@ main(int argc, char **argv)
                         err(1, "exec()");
         }
  
+       if (pledge("stdio", NULL) == -1)
+               err(1, "pledge");
+
         if (sigprocmask(SIG_BLOCK, &signals.sa_mask, NULL) == -1)
                 err(1, "sigprocmask()");
author	job <job@openbsd.org>
	Wed, 1 Sep 2021 16:04:40 +0000 (16:04 +0000)
committer	job <job@openbsd.org>
	Wed, 1 Sep 2021 16:04:40 +0000 (16:04 +0000)