From a1840542eda6944fe88e28f4b255e55f9bab258b Mon Sep 17 00:00:00 2001
From: deraadt <deraadt@openbsd.org>
Date: Sat, 10 Oct 2015 22:21:39 +0000
Subject: [PATCH] pledge "stdio rpath wpath cpath fattr inet" after chroot and
 such appears to be good enough for the main loop processing.

---
 usr.sbin/tftpd/tftpd.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/usr.sbin/tftpd/tftpd.c b/usr.sbin/tftpd/tftpd.c
index b3552e3c933..8c7b518cf5a 100644
--- a/usr.sbin/tftpd/tftpd.c
+++ b/usr.sbin/tftpd/tftpd.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: tftpd.c,v 1.30 2015/10/06 06:03:11 deraadt Exp $	*/
+/*	$OpenBSD: tftpd.c,v 1.31 2015/10/10 22:21:39 deraadt Exp $	*/
 
 /*
  * Copyright (c) 2012 David Gwynne <dlg@uq.edu.au>
@@ -358,6 +358,9 @@ main(int argc, char *argv[])
 	if (!debug && daemon(1, 0) == -1)
 		err(1, "unable to daemonize");
 
+	if (pledge("stdio rpath wpath cpath fattr inet", NULL) == -1)
+		err(1, "pledge");
+
 	event_init();
 
 	if (rewrite != NULL)
-- 
2.20.1