From 1fa741bdf08abe26acc2e46d85daa33401f9489d Mon Sep 17 00:00:00 2001 From: mestre Date: Fri, 16 Jul 2021 14:36:09 +0000 Subject: [PATCH] main proc doesn't speak with sockets during the main loop and setpriority plus chroot (and privdrop) in the child procs at this point are all set and done so pledge("inet id") promises are not required anymore. analysis and OK @kn --- usr.sbin/ntpd/ntpd.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/usr.sbin/ntpd/ntpd.c b/usr.sbin/ntpd/ntpd.c index 076f917e2f7..8e6887435d6 100644 --- a/usr.sbin/ntpd/ntpd.c +++ b/usr.sbin/ntpd/ntpd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ntpd.c,v 1.131 2021/07/16 14:34:37 mestre Exp $ */ +/* $OpenBSD: ntpd.c,v 1.132 2021/07/16 14:36:09 mestre Exp $ */ /* * Copyright (c) 2003, 2004 Henning Brauer @@ -285,7 +285,7 @@ main(int argc, char *argv[]) */ if (unveil("/usr/sbin/ntpd", "x") == -1) err(1, "unveil /usr/sbin/ntpd"); - if (pledge("stdio inet settime proc exec id", NULL) == -1) + if (pledge("stdio settime proc exec", NULL) == -1) err(1, "pledge"); while (quit == 0) { -- 2.20.1