From cedca710b9567758e7aea9edb521097119150f73 Mon Sep 17 00:00:00 2001 From: semarie Date: Mon, 12 Oct 2015 14:01:06 +0000 Subject: [PATCH] reenable pledge(2) on pax, but only if pmode isn't in use or if action shouldn't do things with filesystem. ok deraadt@ millert@ --- bin/pax/ar_io.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/bin/pax/ar_io.c b/bin/pax/ar_io.c index 0b22757ba73..8db2332e0fd 100644 --- a/bin/pax/ar_io.c +++ b/bin/pax/ar_io.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ar_io.c,v 1.52 2015/10/12 09:28:54 semarie Exp $ */ +/* $OpenBSD: ar_io.c,v 1.53 2015/10/12 14:01:06 semarie Exp $ */ /* $NetBSD: ar_io.c,v 1.5 1996/03/26 23:54:13 mrg Exp $ */ /*- @@ -1261,11 +1261,11 @@ ar_start_gzip(int fd, const char *path, int wr) close(fds[0]); close(fds[1]); -#if 0 - if (pledge("stdio rpath wpath cpath fattr getpw ioctl proc", - NULL) == -1) - err(1, "pledge"); -#endif + if (pmode == 0 || (act != EXTRACT && act != COPY)) { + if (pledge("stdio rpath wpath cpath fattr getpw ioctl proc", + NULL) == -1) + err(1, "pledge"); + } } else { if (wr) { dup2(fds[0], STDIN_FILENO); -- 2.20.1