From d62c5ed9de13ff7214669d6a768b48a26698f474 Mon Sep 17 00:00:00 2001
From: deraadt <deraadt@openbsd.org>
Date: Fri, 3 Aug 2018 14:39:55 +0000
Subject: [PATCH] unveil _PATH_DEVDB for devname().   All other filenames are
 opened before unveil/pledge.

---
 usr.sbin/pstat/pstat.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/usr.sbin/pstat/pstat.c b/usr.sbin/pstat/pstat.c
index e0e3f33d61e..79499d848e9 100644
--- a/usr.sbin/pstat/pstat.c
+++ b/usr.sbin/pstat/pstat.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: pstat.c,v 1.117 2018/06/18 09:15:05 mpi Exp $	*/
+/*	$OpenBSD: pstat.c,v 1.118 2018/08/03 14:39:55 deraadt Exp $	*/
 /*	$NetBSD: pstat.c,v 1.27 1996/10/23 22:50:06 cgd Exp $	*/
 
 /*-
@@ -229,6 +229,8 @@ main(int argc, char *argv[])
 			ttymodeprep();
 	}
 
+	if (unveil(_PATH_DEVDB, "r") == -1)
+		err(1, "unveil");
 	if (pledge("stdio rpath vminfo", NULL) == -1)
 		err(1, "pledge");
 
-- 
2.20.1