From b632994032213d0c971ab8e2ae2b774ba65c9ca2 Mon Sep 17 00:00:00 2001
From: deraadt <deraadt@openbsd.org>
Date: Sat, 10 Oct 2015 21:08:09 +0000
Subject: [PATCH] pledge "stdio inet rpath" seems to be enough for a YP
 environment. rpath is to access /etc/rpc, and inet to talk to portmap & local
 world. ok beck

---
 usr.bin/ypcat/ypcat.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/usr.bin/ypcat/ypcat.c b/usr.bin/ypcat/ypcat.c
index 26f9df78b22..a87f4361f49 100644
--- a/usr.bin/ypcat/ypcat.c
+++ b/usr.bin/ypcat/ypcat.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: ypcat.c,v 1.16 2015/02/08 23:40:35 deraadt Exp $ */
+/*	$OpenBSD: ypcat.c,v 1.17 2015/10/10 21:08:09 deraadt Exp $ */
 
 /*
  * Copyright (c) 1992, 1993, 1996 Theo de Raadt <deraadt@theos.com>
@@ -88,6 +88,9 @@ main(int argc, char *argv[])
 	extern int optind;
 	int notrans, c, r, i;
 
+	if (pledge("stdio rpath inet", NULL) == -1)
+		perror("pledge");
+
 	notrans = key = 0;
 	while ((c=getopt(argc, argv, "xd:kt")) != -1)
 		switch (c) {
-- 
2.20.1