unveil of _PATH_DEVDB "/var/run/dev.db" can be done before pledge for

use by ttyname, no other files are accessed after that.

diff --git a/usr.bin/tty/tty.c b/usr.bin/tty/tty.c
index 5977cf2..0409f44 100644 (file)
--- a/usr.bin/tty/tty.c
+++ b/usr.bin/tty/tty.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: tty.c,v 1.10 2015/10/12 19:56:47 naddy Exp $  */
+/*     $OpenBSD: tty.c,v 1.11 2018/08/03 06:55:41 deraadt Exp $        */
 /*     $NetBSD: tty.c,v 1.4 1994/12/07 00:46:57 jtc Exp $      */
 
 /*
@@ -33,6 +33,7 @@
 #include <stdio.h>
 #include <stdlib.h>
 #include <unistd.h>
+#include <paths.h>
 #include <err.h>
 
 static void usage(void);
@@ -43,9 +44,6 @@ main(int argc, char *argv[])
        int ch, sflag;
        char *t;
 
-       if (pledge("stdio rpath", NULL) == -1)
-               err(1, "pledge");
-
        sflag = 0;
        while ((ch = getopt(argc, argv, "s")) != -1) {
                switch(ch) {
@@ -59,6 +57,11 @@ main(int argc, char *argv[])
                }
        }
 
+       if (unveil(_PATH_DEVDB, "r") == -1)
+               err(1, "unveil");
+       if (pledge("stdio rpath", NULL) == -1)
+               err(1, "pledge");
+
        t = ttyname(STDIN_FILENO);
        if (!sflag)
                puts(t ? t : "not a tty");