From 90b2ad0c1df33f5cda3a6bf23b4b5b84122c2745 Mon Sep 17 00:00:00 2001 From: jca Date: Sat, 17 Oct 2015 01:01:09 +0000 Subject: [PATCH] route6d pledges to use only "stdio rpath wpath cpath inet route mcast" ok deraadt@ --- usr.sbin/route6d/route6d.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/usr.sbin/route6d/route6d.c b/usr.sbin/route6d/route6d.c index 27155d29b16..5cc70d3495d 100644 --- a/usr.sbin/route6d/route6d.c +++ b/usr.sbin/route6d/route6d.c @@ -1,4 +1,4 @@ -/* $OpenBSD: route6d.c,v 1.68 2015/10/16 20:43:27 jca Exp $ */ +/* $OpenBSD: route6d.c,v 1.69 2015/10/17 01:01:09 jca Exp $ */ /* $KAME: route6d.c,v 1.111 2006/10/25 06:38:13 jinmei Exp $ */ /* @@ -346,7 +346,12 @@ main(int argc, char *argv[]) ripbuf->rip6_res1[1] = 0; init(); + + if (pledge("stdio rpath wpath cpath inet route mcast", NULL) == -1) + err(1, "pledge"); + ifconfig(); + for (ifcp = ifc; ifcp; ifcp = ifcp->ifc_next) { if (ifcp->ifc_index < 0) { fprintf(stderr, -- 2.20.1