From fcba609bc7c6574f5227754057012d6b3bcb73ad Mon Sep 17 00:00:00 2001
From: jan
Date: Sat, 15 May 2021 13:37:43 +0000
Subject: [PATCH] Add pledge for ftpd's user processes.

OK tobhe@
---
 libexec/ftpd/monitor.c | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/libexec/ftpd/monitor.c b/libexec/ftpd/monitor.c
index 34d38e7fb7e..205a6d2943e 100644
--- a/libexec/ftpd/monitor.c
+++ b/libexec/ftpd/monitor.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: monitor.c,v 1.26 2019/06/28 13:32:53 deraadt Exp $ */
+/* $OpenBSD: monitor.c,v 1.27 2021/05/15 13:37:43 jan Exp $ */
 
 /*
 * Copyright (c) 2004 Moritz Jodeit
@@ -295,11 +295,17 @@ handle_cmds(void)
 sizeof(slavequit));
 break;
 case AUTH_SLAVE:
+ if (pledge("stdio rpath wpath cpath inet recvfd"
+ " sendfd proc tty getpw", NULL) == -1)
+ fatalx("pledge");
 /* User-privileged slave */
 debugmsg("user-privileged slave started");
 return;
 /* NOTREACHED */
 case AUTH_MONITOR:
+ if (pledge("stdio inet sendfd recvfd proc",
+ NULL) == -1)
+ fatalx("pledge");
 /* Post-auth monitor */
 debugmsg("monitor went into post-auth phase");
 state = POSTAUTH;
-- 
2.20.1
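Review bot: Both new `pledge()` failure paths in handle_cmds() call `fatalx("pledge")`, which drops errno, so the log cannot tell an invalid promise string (EINVAL) from an attempt to widen an earlier pledge (EPERM). If fatalx() takes a printf-style format (its definition is not in this hunk), `fatalx("pledge: %s", strerror(errno));` would keep that detail in both the AUTH_SLAVE and AUTH_MONITOR cases. The AUTH_SLAVE promise set is wide (`proc`, `tty` and `getpw` on top of file read/write/create), so a short comment above the call naming which ftpd operation needs each promise would make later tightening reviewable, e.g. `/* getpw: <reason>; tty: <reason>; proc: <reason> */`. handle_cmds() starts and ends outside the hunk, so whether the pre-auth slave is restricted elsewhere cannot be judged from here.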