reduce pledge(2) to "stdio tty" after ncurses initialization. robots(6) uses a

scorefile nevertheless an fd is opened way in advance and therefore we can
disable any further access to the filesystem.

OK tb@

diff --git a/games/robots/main.c b/games/robots/main.c
index 8095529..e7918df 100644 (file)
--- a/games/robots/main.c
+++ b/games/robots/main.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: main.c,v 1.26 2017/05/28 21:01:13 tedu Exp $  */
+/*     $OpenBSD: main.c,v 1.27 2018/08/23 06:26:35 mestre Exp $        */
 /*     $NetBSD: main.c,v 1.5 1995/04/22 10:08:54 cgd Exp $     */
 
 /*
@@ -140,6 +140,10 @@ main(int ac, char *av[])
        }
 
        initscr();
+
+       if (pledge("stdio tty", NULL) == -1)
+               err(1, "pledge");
+
        signal(SIGINT, quit);
        cbreak();
        noecho();