From: deraadt <deraadt@openbsd.org>
Date: Sat, 10 Oct 2015 19:15:53 +0000 (+0000)
Subject: For pledge, sigsuspend() should is affecting the behaviour a process itself,
X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=44e5764e063dacf4fe067ebcc5cb8d0e2a557376;p=openbsd

For pledge, sigsuspend() should is affecting the behaviour a process itself,
so we should allow it for 'self'.
ok djm
---

diff --git a/sys/kern/kern_pledge.c b/sys/kern/kern_pledge.c
index f6394c6872c..5ee44b4582e 100644
--- a/sys/kern/kern_pledge.c
+++ b/sys/kern/kern_pledge.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: kern_pledge.c,v 1.9 2015/10/10 16:35:08 deraadt Exp $	*/
+/*	$OpenBSD: kern_pledge.c,v 1.10 2015/10/10 19:15:53 deraadt Exp $	*/
 
 /*
  * Copyright (c) 2015 Nicholas Marriott <nicm@openbsd.org>
@@ -89,6 +89,7 @@ const u_int pledge_syscalls[SYS_MAXSYSCALL] = {
 	[SYS_sendsyslog] = PLEDGE_SELF,
 	[SYS_nanosleep] = PLEDGE_SELF,
 	[SYS_sigprocmask] = PLEDGE_SELF,
+	[SYS_sigsuspend] = PLEDGE_SELF,
 	[SYS_sigaction] = PLEDGE_SELF,
 	[SYS_sigreturn] = PLEDGE_SELF,
 	[SYS_sigpending] = PLEDGE_SELF,
@@ -138,7 +139,6 @@ const u_int pledge_syscalls[SYS_MAXSYSCALL] = {
 	[SYS_vfork] = PLEDGE_PROC,
 	[SYS_kill] = PLEDGE_SELF | PLEDGE_PROC,	
 	[SYS_setpgid] = PLEDGE_PROC,
-	[SYS_sigsuspend] = PLEDGE_PROC,
 	[SYS_setrlimit] = PLEDGE_PROC,
 
 	[SYS_execve] = PLEDGE_EXEC,