From: deraadt <deraadt@openbsd.org>
Date: Thu, 22 Oct 2015 11:01:43 +0000 (+0000)
Subject: Further study shows "route" should allow all address families in NET_RT_DUMP
X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=3088815a552073f17f048fff991b69111d43f052;p=openbsd

Further study shows "route" should allow all address families in NET_RT_DUMP
With benno
---

diff --git a/sys/kern/kern_pledge.c b/sys/kern/kern_pledge.c
index ea9af2323da..05ec65552f1 100644
--- a/sys/kern/kern_pledge.c
+++ b/sys/kern/kern_pledge.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: kern_pledge.c,v 1.63 2015/10/22 10:35:23 deraadt Exp $	*/
+/*	$OpenBSD: kern_pledge.c,v 1.64 2015/10/22 11:01:43 deraadt Exp $	*/
 
 /*
  * Copyright (c) 2015 Nicholas Marriott <nicm@openbsd.org>
@@ -839,7 +839,6 @@ pledge_sysctl_check(struct proc *p, int miblen, int *mib, void *new)
 		if ((miblen == 6 || miblen == 7) &&
 		    mib[0] == CTL_NET && mib[1] == PF_ROUTE &&
 		    mib[2] == 0 &&
-		    (mib[3] == 0 || mib[3] == AF_INET6 || mib[3] == AF_INET) &&
 		    mib[4] == NET_RT_DUMP)
 			return (0);