From 78497d213c65f1b9af0b1f5687bc52192fe6a928 Mon Sep 17 00:00:00 2001 From: renato Date: Fri, 23 Oct 2015 10:10:17 +0000 Subject: [PATCH] Add pledge(2) to the child processes. This is almost identical to the eigrpd(8) pledge diff, with the exception that the parent process can not be pledged bacause of a SIOCSETMPWCFG ioctl used to configure pseudowires. Looks good to deraadt@. --- usr.sbin/ldpd/lde.c | 5 ++++- usr.sbin/ldpd/ldpe.c | 5 ++++- 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/usr.sbin/ldpd/lde.c b/usr.sbin/ldpd/lde.c index 5d3f698b856..03904d39b2b 100644 --- a/usr.sbin/ldpd/lde.c +++ b/usr.sbin/ldpd/lde.c @@ -1,4 +1,4 @@ -/* $OpenBSD: lde.c,v 1.38 2015/07/21 04:52:29 renato Exp $ */ +/* $OpenBSD: lde.c,v 1.39 2015/10/23 10:10:17 renato Exp $ */ /* * Copyright (c) 2004, 2005 Claudio Jeker @@ -113,6 +113,9 @@ lde(struct ldpd_conf *xconf, int pipe_parent2lde[2], int pipe_ldpe2lde[2], setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid)) fatal("can't drop privileges"); + if (pledge("stdio", NULL) == -1) + fatal("pledge"); + event_init(); /* setup signal handler */ diff --git a/usr.sbin/ldpd/ldpe.c b/usr.sbin/ldpd/ldpe.c index 8df97e506cd..8b87161974b 100644 --- a/usr.sbin/ldpd/ldpe.c +++ b/usr.sbin/ldpd/ldpe.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ldpe.c,v 1.39 2015/07/21 05:04:12 renato Exp $ */ +/* $OpenBSD: ldpe.c,v 1.40 2015/10/23 10:10:17 renato Exp $ */ /* * Copyright (c) 2005 Claudio Jeker @@ -271,6 +271,9 @@ ldpe(struct ldpd_conf *xconf, int pipe_parent2ldpe[2], int pipe_ldpe2lde[2], LIST_FOREACH(tnbr, &leconf->tnbr_list, entry) tnbr_init(xconf, tnbr); + if (pledge("stdio cpath inet mcast", NULL) == -1) + fatal("pledge"); + event_dispatch(); ldpe_shutdown(); -- 2.20.1