I added the 2nd argument (execpromises) to pledge(2), and then hunted

for more than a year code which could use it; but in all non-trivial
circumstances (programs which would benefit), I was stopped by issues
(in particular by environment variable behavious).  But I never looked
in ldd(1).  This is the FIRST one which is completely obvious.
spledge(NULL, "stdio rpath")
ok guenther

diff --git a/libexec/ld.so/ldd/ldd.c b/libexec/ld.so/ldd/ldd.c
index 860f463..9e8c506 100644 (file)
--- a/libexec/ld.so/ldd/ldd.c
+++ b/libexec/ld.so/ldd/ldd.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: ldd.c,v 1.23 2023/07/13 19:04:50 jasper Exp $ */
+/*     $OpenBSD: ldd.c,v 1.24 2023/07/24 01:02:47 deraadt Exp $        */
 /*
  * Copyright (c) 2001 Artur Grabowski <art@openbsd.org>
  * All rights reserved.
@@ -183,6 +183,8 @@ doit(char *name)
                        _exit(0);
                }
 
+               if (pledge(NULL, "stdio rpath") == -1)
+                       err(1, "pledge");
                execl(name, name, (char *)NULL);
                perror(name);
                _exit(1);