From aa29652caa049f1be07b8332c8830913cb6ce6a9 Mon Sep 17 00:00:00 2001 From: mestre Date: Thu, 26 Jul 2018 19:32:52 +0000 Subject: [PATCH] reduce pledge(2) to the bare minimum: after dbopen(3) occurs then all operations are on fds which don't need rpath/wpath and therefore spamdb(8) only needs stdio at all times after the DB was already open(2)ed great input from semarie@ OK deraadt@ --- usr.sbin/spamdb/spamdb.c | 11 +++-------- 1 file changed, 3 insertions(+), 8 deletions(-) diff --git a/usr.sbin/spamdb/spamdb.c b/usr.sbin/spamdb/spamdb.c index f1766db50c5..871605ca826 100644 --- a/usr.sbin/spamdb/spamdb.c +++ b/usr.sbin/spamdb/spamdb.c @@ -1,4 +1,4 @@ -/* $OpenBSD: spamdb.c,v 1.34 2017/10/29 19:11:34 millert Exp $ */ +/* $OpenBSD: spamdb.c,v 1.35 2018/07/26 19:32:52 mestre Exp $ */ /* * Copyright (c) 2004 Bob Beck. All rights reserved. @@ -368,13 +368,8 @@ main(int argc, char **argv) action ? "writing" : "reading"); } - if (action == 0) { - if (pledge("stdio rpath", NULL) == -1) - err(1, "pledge"); - } else { - if (pledge("stdio rpath wpath", NULL) == -1) - err(1, "pledge"); - } + if (pledge("stdio", NULL) == -1) + err(1, "pledge"); switch (action) { case 0: -- 2.20.1