From 5879777f45dba36abf9ddfb6064021fa49797b05 Mon Sep 17 00:00:00 2001 From: schwarze Date: Mon, 12 Oct 2015 22:41:18 +0000 Subject: [PATCH] plegde(2) for apropos(1), help(1), man(1), mandoc(1), and whatis(1): Always needed: stdio rpath (to open multiple files and for .so) In addition after starting the pager: tmppath (to clean up the temp files) In addition before starting the pager: proc exec Looks good to deraadt@. --- usr.bin/mandoc/main.c | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/usr.bin/mandoc/main.c b/usr.bin/mandoc/main.c index 07aa68222bd..a74303af955 100644 --- a/usr.bin/mandoc/main.c +++ b/usr.bin/mandoc/main.c @@ -1,4 +1,4 @@ -/* $OpenBSD: main.c,v 1.153 2015/10/12 00:07:27 schwarze Exp $ */ +/* $OpenBSD: main.c,v 1.154 2015/10/12 22:41:18 schwarze Exp $ */ /* * Copyright (c) 2008-2012 Kristaps Dzonsons * Copyright (c) 2010-2012, 2014, 2015 Ingo Schwarze @@ -135,6 +135,9 @@ main(int argc, char *argv[]) 0 == strncmp(__progname, "makewhatis", 10)) return mandocdb(argc, argv); + if (pledge("stdio rpath tmppath proc exec", NULL) == -1) + err(1, "pledge"); + /* Search options. */ memset(&conf, 0, sizeof(conf)); @@ -274,6 +277,9 @@ main(int argc, char *argv[]) !isatty(STDOUT_FILENO)) use_pager = 0; + if (!use_pager && pledge("stdio rpath", NULL) == -1) + err(1, "pledge"); + /* Parse arguments. */ if (argc > 0) { @@ -955,6 +961,8 @@ spawn_pager(struct tag_files *tag_files) case 0: break; default: + if (pledge("stdio rpath tmppath", NULL) == -1) + err(1, "pledge"); return pager_pid; } -- 2.20.1