From 9dd185ad7bb0c7a2398a5bb52303197cd79497e8 Mon Sep 17 00:00:00 2001 From: nicm Date: Fri, 29 May 2015 15:58:34 +0000 Subject: [PATCH] millert points out I can just call tzset() early to avoid having to permit access() in the child. --- usr.bin/file/file.c | 5 ++++- usr.bin/file/sandbox.c | 3 +-- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/usr.bin/file/file.c b/usr.bin/file/file.c index 2d65e65fbde..81294d8b791 100644 --- a/usr.bin/file/file.c +++ b/usr.bin/file/file.c @@ -1,4 +1,4 @@ -/* $OpenBSD: file.c,v 1.43 2015/05/29 12:33:41 nicm Exp $ */ +/* $OpenBSD: file.c,v 1.44 2015/05/29 15:58:34 nicm Exp $ */ /* * Copyright (c) 2015 Nicholas Marriott @@ -31,6 +31,7 @@ #include #include #include +#include #include #include "file.h" @@ -123,6 +124,8 @@ main(int argc, char **argv) struct input_ack *ack; pid_t pid, parent; + tzset(); + for (;;) { opt = getopt_long(argc, argv, "bchiLsW", longopts, NULL); if (opt == -1) diff --git a/usr.bin/file/sandbox.c b/usr.bin/file/sandbox.c index 383183551a7..597997a129d 100644 --- a/usr.bin/file/sandbox.c +++ b/usr.bin/file/sandbox.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sandbox.c,v 1.6 2015/05/29 12:38:28 nicm Exp $ */ +/* $OpenBSD: sandbox.c,v 1.7 2015/05/29 15:58:34 nicm Exp $ */ /* * Copyright (c) 2015 Nicholas Marriott @@ -40,7 +40,6 @@ static const struct } allowed_syscalls[] = { { SYS_open, SYSTR_POLICY_NEVER }, /* for strerror */ - { SYS_access, SYSTR_POLICY_PERMIT }, { SYS_close, SYSTR_POLICY_PERMIT }, { SYS_exit, SYSTR_POLICY_PERMIT }, { SYS_fcntl, SYSTR_POLICY_PERMIT }, -- 2.20.1