Pledge monitoring process; ok tedu@

author anton <anton@openbsd.org>

Sat, 10 Feb 2018 17:51:37 +0000 (17:51 +0000)

committer anton <anton@openbsd.org>

Sat, 10 Feb 2018 17:51:37 +0000 (17:51 +0000)
author anton <anton@openbsd.org>
Sat, 10 Feb 2018 17:51:37 +0000 (17:51 +0000)
committer anton <anton@openbsd.org>
Sat, 10 Feb 2018 17:51:37 +0000 (17:51 +0000)
diff --git a/usr.sbin/rebound/rebound.c b/usr.sbin/rebound/rebound.c

index d27e065..dc7756e 100644 (file)
--- a/usr.sbin/rebound/rebound.c
+++ b/usr.sbin/rebound/rebound.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: rebound.c,v 1.93 2018/02/07 01:02:46 tedu Exp $ */
+/* $OpenBSD: rebound.c,v 1.94 2018/02/10 17:51:37 anton Exp $ */
  /*
   * Copyright (c) 2015 Ted Unangst <tedu@openbsd.org>
   *
@@ -886,6 +886,9 @@ monitorloop(int ud, int ld, int ud6, int ld6, const char *confname)
         int conffd = -1;
         struct timespec ts, *timeout = NULL;
  
+       if (pledge("stdio rpath proc exec", NULL) == -1)
+               err(1, "pledge");
+
         kq = kqueue();
  
         /* catch these signals with kevent */
author	anton <anton@openbsd.org>
	Sat, 10 Feb 2018 17:51:37 +0000 (17:51 +0000)
committer	anton <anton@openbsd.org>
	Sat, 10 Feb 2018 17:51:37 +0000 (17:51 +0000)