From: deraadt <deraadt@openbsd.org>
Date: Fri, 9 Oct 2015 07:54:28 +0000 (+0000)
Subject: All commands seem to work fine with pledge "stdio" after the connect(),
X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=4ca91f0766fd995b2c87c8fedabbed8b259a5698;p=openbsd

All commands seem to work fine with pledge "stdio" after the connect(),
direct source and symbol table inspection suggests it is good.  The same
principle will likely apply to most of our network daemon *ctl programs,
since many are derived from ospfd.  Still, each needs testing.
discussion about network daemons and ctl's has been mostly with renato
---

diff --git a/usr.sbin/ripctl/ripctl.c b/usr.sbin/ripctl/ripctl.c
index 93ebbc3ac49..24f5521e8a5 100644
--- a/usr.sbin/ripctl/ripctl.c
+++ b/usr.sbin/ripctl/ripctl.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: ripctl.c,v 1.14 2015/09/27 17:32:36 stsp Exp $
+/*	$OpenBSD: ripctl.c,v 1.15 2015/10/09 07:54:28 deraadt Exp $
  *
  * Copyright (c) 2006 Michele Marchetto <mydecay@openbeer.it>
  * Copyright (c) 2005 Claudio Jeker <claudio@openbsd.org>
@@ -88,6 +88,9 @@ main(int argc, char *argv[])
 	if (connect(ctl_sock, (struct sockaddr *)&sun, sizeof(sun)) == -1)
 		err(1, "connect: %s", RIPD_SOCKET);
 
+	if (pledge("stdio", NULL) == -1)
+		err(1, "pledge");
+
 	if ((ibuf = malloc(sizeof(struct imsgbuf))) == NULL)
 		err(1, NULL);
 	imsg_init(ibuf, ctl_sock);