From 18df95309a628081c228ab8926af15ee0286e19b Mon Sep 17 00:00:00 2001 From: deraadt Date: Sat, 10 Oct 2015 20:18:30 +0000 Subject: [PATCH] normalize the ordering of tame requests (particularily, "rpath wpath cpath", which i have put in that order). this is not important, but helps look for outliers which might be strange. it hints that "ioctl" should be reassessed in a few places, to see if "tty" is better; that "unix" may be used in some places where "route" could now work. --- bin/md5/md5.c | 4 ++-- bin/mkdir/mkdir.c | 4 ++-- usr.bin/openssl/openssl.c | 4 ++-- usr.bin/sed/main.c | 6 +++--- 4 files changed, 9 insertions(+), 9 deletions(-) diff --git a/bin/md5/md5.c b/bin/md5/md5.c index b9b6838eb5e..2926c372fdf 100644 --- a/bin/md5/md5.c +++ b/bin/md5/md5.c @@ -1,4 +1,4 @@ -/* $OpenBSD: md5.c,v 1.82 2015/10/09 01:37:06 deraadt Exp $ */ +/* $OpenBSD: md5.c,v 1.83 2015/10/10 20:18:30 deraadt Exp $ */ /* * Copyright (c) 2001,2003,2005-2007,2010,2013,2014 @@ -200,7 +200,7 @@ main(int argc, char **argv) int fl, error, base64, i; int bflag, cflag, pflag, rflag, tflag, xflag; - if (pledge("stdio cpath rpath wpath", NULL) == -1) + if (pledge("stdio rpath wpath cpath", NULL) == -1) err(1, "pledge"); TAILQ_INIT(&hl); diff --git a/bin/mkdir/mkdir.c b/bin/mkdir/mkdir.c index a9a78632188..9ebf6b4b4b0 100644 --- a/bin/mkdir/mkdir.c +++ b/bin/mkdir/mkdir.c @@ -1,4 +1,4 @@ -/* $OpenBSD: mkdir.c,v 1.27 2015/10/09 01:37:06 deraadt Exp $ */ +/* $OpenBSD: mkdir.c,v 1.28 2015/10/10 20:18:30 deraadt Exp $ */ /* $NetBSD: mkdir.c,v 1.14 1995/06/25 21:59:21 mycroft Exp $ */ /* @@ -83,7 +83,7 @@ main(int argc, char *argv[]) argv += optind; if (mode & (S_ISUID | S_ISGID | S_ISTXT) == 0) { - if (pledge("stdio cpath rpath fattr", NULL) == -1) + if (pledge("stdio rpath cpath fattr", NULL) == -1) err(1, "pledge"); } diff --git a/usr.bin/openssl/openssl.c b/usr.bin/openssl/openssl.c index 8ac645636a8..9db7e5b4eb1 100644 --- a/usr.bin/openssl/openssl.c +++ b/usr.bin/openssl/openssl.c @@ -1,4 +1,4 @@ -/* $OpenBSD: openssl.c,v 1.15 2015/10/09 01:37:08 deraadt Exp $ */ +/* $OpenBSD: openssl.c,v 1.16 2015/10/10 20:18:30 deraadt Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -436,7 +436,7 @@ main(int argc, char **argv) arg.data = NULL; arg.count = 0; - if (pledge("stdio inet rpath cpath wpath proc", NULL) == -1) { + if (pledge("stdio inet rpath wpath cpath proc", NULL) == -1) { fprintf(stderr, "openssl: pledge: %s\n", strerror(errno)); exit(1); } diff --git a/usr.bin/sed/main.c b/usr.bin/sed/main.c index 50ed1c01a3d..015b8bc119a 100644 --- a/usr.bin/sed/main.c +++ b/usr.bin/sed/main.c @@ -1,4 +1,4 @@ -/* $OpenBSD: main.c,v 1.26 2015/10/09 01:37:08 deraadt Exp $ */ +/* $OpenBSD: main.c,v 1.27 2015/10/10 20:18:30 deraadt Exp $ */ /*- * Copyright (c) 1992 Diomidis Spinellis. @@ -160,10 +160,10 @@ main(int argc, char *argv[]) termwidth = 60; if (inplace != NULL) { - if (pledge("stdio wpath rpath cpath fattr", NULL) == -1) + if (pledge("stdio rpath wpath cpath fattr", NULL) == -1) err(1, "pledge"); } else { - if (pledge("stdio wpath rpath cpath", NULL) == -1) + if (pledge("stdio rpath wpath cpath", NULL) == -1) err(1, "pledge"); } -- 2.20.1