From 1cd6c297dd5cc6b16b47ff9e1259bd2eb15db21b Mon Sep 17 00:00:00 2001
From: deraadt <deraadt@openbsd.org>
Date: Fri, 16 Oct 2015 14:20:48 +0000
Subject: [PATCH] Always allow a r/w opening of /dev/null though the namei
 check.  This pattern is common, especially because of daemon(3) usage.  Will
 probably help some daemons move their pledge() calls further upwards. ok
 doug,

---
 sys/kern/kern_pledge.c | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/sys/kern/kern_pledge.c b/sys/kern/kern_pledge.c
index b3e3f298615..6bcbaf2f15f 100644
--- a/sys/kern/kern_pledge.c
+++ b/sys/kern/kern_pledge.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: kern_pledge.c,v 1.36 2015/10/16 14:04:11 semarie Exp $	*/
+/*	$OpenBSD: kern_pledge.c,v 1.37 2015/10/16 14:20:48 deraadt Exp $	*/
 
 /*
  * Copyright (c) 2015 Nicholas Marriott <nicm@openbsd.org>
@@ -537,6 +537,13 @@ pledge_namei(struct proc *p, char *origpath)
 			return (0);
 		break;
 	case SYS_open:
+		/* daemon(3) or other such functions */
+		if ((p->p_pledgenote == TMN_RPATH ||
+		    p->p_pledgenote == TMN_WPATH)) {
+			if (strcmp(path, "/dev/null") == 0)
+				return (0);
+		}
+
 		/* getpw* and friends need a few files */
 		if ((p->p_pledgenote == TMN_RPATH) &&
 		    (p->p_p->ps_pledge & PLEDGE_GETPW)) {
-- 
2.20.1