From: deraadt <deraadt@openbsd.org>
Date: Mon, 26 Oct 2015 12:13:45 +0000 (+0000)
Subject: Allow NET_RT_IFLIST in pledge "dns" as well
X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=40b7c5f6950831413397092bb3d137962391dd90;p=openbsd

Allow NET_RT_IFLIST in pledge "dns" as well
---

diff --git a/sys/kern/kern_pledge.c b/sys/kern/kern_pledge.c
index 6d8c74c9796..b78c29876d5 100644
--- a/sys/kern/kern_pledge.c
+++ b/sys/kern/kern_pledge.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: kern_pledge.c,v 1.78 2015/10/26 11:17:52 deraadt Exp $	*/
+/*	$OpenBSD: kern_pledge.c,v 1.79 2015/10/26 12:13:45 deraadt Exp $	*/
 
 /*
  * Copyright (c) 2015 Nicholas Marriott <nicm@openbsd.org>
@@ -944,7 +944,7 @@ pledge_sysctl_check(struct proc *p, int miblen, int *mib, void *new)
 			return (0);
 	}
 
-	if ((p->p_p->ps_pledge & (PLEDGE_ROUTE | PLEDGE_INET))) {
+	if ((p->p_p->ps_pledge & (PLEDGE_ROUTE | PLEDGE_INET | PLEDGE_DNS))) {
 		if (miblen == 6 &&		/* getifaddrs() */
 		    mib[0] == CTL_NET && mib[1] == PF_ROUTE &&
 		    mib[2] == 0 &&