From: gilles <gilles@openbsd.org>
Date: Tue, 27 Oct 2015 21:01:09 +0000 (+0000)
Subject: enqueue pledge: getmailname() needs dns, ~/dead.letter needs cpath/wpath
X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=7cf9226e416c8a34bb20bfc6ec2b6385267f62da;p=openbsd

enqueue pledge: getmailname() needs dns, ~/dead.letter needs cpath/wpath

ok jung@, ok millert@
---

diff --git a/usr.sbin/smtpd/enqueue.c b/usr.sbin/smtpd/enqueue.c
index 7a3c15060e2..510c18849f3 100644
--- a/usr.sbin/smtpd/enqueue.c
+++ b/usr.sbin/smtpd/enqueue.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: enqueue.c,v 1.103 2015/10/17 16:20:46 sunil Exp $	*/
+/*	$OpenBSD: enqueue.c,v 1.104 2015/10/27 21:01:09 gilles Exp $	*/
 
 /*
  * Copyright (c) 2005 Henning Brauer <henning@bulabula.org>
@@ -296,7 +296,7 @@ enqueue(int argc, char *argv[], FILE *ofp)
 	if ((msg.fd = open_connection()) == -1)
 		errx(EX_UNAVAILABLE, "server too busy");
 
-	if (pledge("stdio", NULL) == -1)
+	if (pledge("stdio wpath cpath", NULL) == -1)
 		err(1, "pledge");
 
 	fout = fdopen(msg.fd, "a+");
diff --git a/usr.sbin/smtpd/smtpctl.c b/usr.sbin/smtpd/smtpctl.c
index d34e5b2d343..26e97476a4f 100644
--- a/usr.sbin/smtpd/smtpctl.c
+++ b/usr.sbin/smtpd/smtpctl.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: smtpctl.c,v 1.132 2015/10/16 13:37:44 millert Exp $	*/
+/*	$OpenBSD: smtpctl.c,v 1.133 2015/10/27 21:01:09 gilles Exp $	*/
 
 /*
  * Copyright (c) 2013 Eric Faurot <eric@openbsd.org>
@@ -932,7 +932,8 @@ main(int argc, char **argv)
 			err(1, "setresgid");
 
 		/* we'll reduce further down the road */
-		if (pledge("stdio rpath tmppath flock getpw recvfd", NULL) == -1)
+		if (pledge("stdio rpath wpath cpath tmppath flock "
+			"dns getpw recvfd", NULL) == -1)
 			err(1, "pledge");
 		
 		sendmail = 1;