From 44e5764e063dacf4fe067ebcc5cb8d0e2a557376 Mon Sep 17 00:00:00 2001
From: deraadt <deraadt@openbsd.org>
Date: Sat, 10 Oct 2015 19:15:53 +0000
Subject: [PATCH] For pledge, sigsuspend() should is affecting the behaviour a
 process itself, so we should allow it for 'self'. ok djm

---
 sys/kern/kern_pledge.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/sys/kern/kern_pledge.c b/sys/kern/kern_pledge.c
index f6394c6872c..5ee44b4582e 100644
--- a/sys/kern/kern_pledge.c
+++ b/sys/kern/kern_pledge.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: kern_pledge.c,v 1.9 2015/10/10 16:35:08 deraadt Exp $	*/
+/*	$OpenBSD: kern_pledge.c,v 1.10 2015/10/10 19:15:53 deraadt Exp $	*/
 
 /*
  * Copyright (c) 2015 Nicholas Marriott <nicm@openbsd.org>
@@ -89,6 +89,7 @@ const u_int pledge_syscalls[SYS_MAXSYSCALL] = {
 	[SYS_sendsyslog] = PLEDGE_SELF,
 	[SYS_nanosleep] = PLEDGE_SELF,
 	[SYS_sigprocmask] = PLEDGE_SELF,
+	[SYS_sigsuspend] = PLEDGE_SELF,
 	[SYS_sigaction] = PLEDGE_SELF,
 	[SYS_sigreturn] = PLEDGE_SELF,
 	[SYS_sigpending] = PLEDGE_SELF,
@@ -138,7 +139,6 @@ const u_int pledge_syscalls[SYS_MAXSYSCALL] = {
 	[SYS_vfork] = PLEDGE_PROC,
 	[SYS_kill] = PLEDGE_SELF | PLEDGE_PROC,	
 	[SYS_setpgid] = PLEDGE_PROC,
-	[SYS_sigsuspend] = PLEDGE_PROC,
 	[SYS_setrlimit] = PLEDGE_PROC,
 
 	[SYS_execve] = PLEDGE_EXEC,
-- 
2.20.1