pledge "stdio rpath wpath cpath getpw fattr flock"

author deraadt <deraadt@openbsd.org>

Fri, 16 Oct 2015 22:54:35 +0000 (22:54 +0000)

committer deraadt <deraadt@openbsd.org>

Fri, 16 Oct 2015 22:54:35 +0000 (22:54 +0000)
author deraadt <deraadt@openbsd.org>
Fri, 16 Oct 2015 22:54:35 +0000 (22:54 +0000)
committer deraadt <deraadt@openbsd.org>
Fri, 16 Oct 2015 22:54:35 +0000 (22:54 +0000)
diff --git a/usr.sbin/pwd_mkdb/pwd_mkdb.c b/usr.sbin/pwd_mkdb/pwd_mkdb.c

index 1e8b399..20d1733 100644 (file)
--- a/usr.sbin/pwd_mkdb/pwd_mkdb.c
+++ b/usr.sbin/pwd_mkdb/pwd_mkdb.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: pwd_mkdb.c,v 1.50 2015/08/27 19:11:37 gsoares Exp $   */
+/*     $OpenBSD: pwd_mkdb.c,v 1.51 2015/10/16 22:54:35 deraadt Exp $   */
  
  /*-
   * Copyright (c) 1991, 1993, 1994
@@ -233,6 +233,9 @@ main(int argc, char **argv)
                 warn("%s: unable to make group readable", _PATH_SMP_DB);
         clean |= FILE_SECURE;
  
+       if (pledge("stdio rpath wpath cpath getpw fattr flock", NULL) == -1)
+               err(1, "pledge");
+
         /* Open the temporary insecure password database. */
         if (!secureonly) {
                 (void)snprintf(buf, sizeof(buf), "%s.tmp",
author	deraadt <deraadt@openbsd.org>
	Fri, 16 Oct 2015 22:54:35 +0000 (22:54 +0000)
committer	deraadt <deraadt@openbsd.org>
	Fri, 16 Oct 2015 22:54:35 +0000 (22:54 +0000)