diff options
| author |   deraadt <deraadt@openbsd.org> | 2015-10-28 20:17:31 +0000 |
|---|---|---|
| committer | deraadt <deraadt@openbsd.org> | 2015-10-28 20:17:31 +0000 |
| commit | 2da949c63ee2397737b052549251752e68ad8ee2 (patch) | |
| tree | d1d0cf55b57102f4dd39d992bca0fbc950164498 | |
| parent | Revert GPT change. Breaks non-GPT install/upgrade. (diff) | |
| download | wireguard-openbsd-2da949c63ee2397737b052549251752e68ad8ee2.tar.xz wireguard-openbsd-2da949c63ee2397737b052549251752e68ad8ee2.zip | |
pledge
ok millert
| -rw-r--r-- | usr.bin/at/at.c | 6 | ||||
| -rw-r--r-- | usr.sbin/cron/cron.c | 6 | ||||
| -rw-r--r-- | usr.sbin/cron/crontab.c | 8 |
3 files changed, 17 insertions, 3 deletions
diff --git a/usr.bin/at/at.c b/usr.bin/at/at.c index e9c8528415d..c4ed2460f1e 100644 --- a/usr.bin/at/at.c +++ b/usr.bin/at/at.c @@ -1,4 +1,4 @@ -/* $OpenBSD: at.c,v 1.65 2015/08/20 22:32:41 deraadt Exp $ */ +/* $OpenBSD: at.c,v 1.66 2015/10/28 20:17:31 deraadt Exp $ */ /* * at.c : Put file into atrun queue @@ -930,6 +930,10 @@ main(int argc, char **argv) int cflag = 0; int nflag = 0; + if (pledge("stdio rpath wpath cpath fattr getpw unix flock id", + NULL) == -1) + perr("pledge"); + if (argc < 1) usage(); diff --git a/usr.sbin/cron/cron.c b/usr.sbin/cron/cron.c index 02d86339a4a..2b3a26549f0 100644 --- a/usr.sbin/cron/cron.c +++ b/usr.sbin/cron/cron.c @@ -1,4 +1,4 @@ -/* $OpenBSD: cron.c,v 1.57 2015/10/26 15:16:30 millert Exp $ */ +/* $OpenBSD: cron.c,v 1.58 2015/10/28 20:17:31 deraadt Exp $ */ /* Copyright 1988,1990,1993,1994 by Paul Vixie * Copyright (c) 2004 by Internet Systems Consortium, Inc. ("ISC") @@ -79,6 +79,10 @@ main(int argc, char *argv[]) set_cron_cwd(); + if (pledge("stdio rpath wpath cpath fattr getpw unix flock id dns proc exec", + NULL) == -1) + log_it("CRON", getpid(), "pledge", strerror(errno)); + cronSock = open_socket(); if (putenv("PATH="_PATH_DEFPATH) < 0) { diff --git a/usr.sbin/cron/crontab.c b/usr.sbin/cron/crontab.c index 17830229cdb..77ce0a70d0e 100644 --- a/usr.sbin/cron/crontab.c +++ b/usr.sbin/cron/crontab.c @@ -1,4 +1,4 @@ -/* $OpenBSD: crontab.c,v 1.74 2015/10/26 15:50:06 millert Exp $ */ +/* $OpenBSD: crontab.c,v 1.75 2015/10/28 20:17:31 deraadt Exp $ */ /* Copyright 1988,1990,1993,1994 by Paul Vixie * Copyright (c) 2004 by Internet Systems Consortium, Inc. ("ISC") @@ -68,6 +68,12 @@ main(int argc, char *argv[]) Pid = getpid(); ProgramName = argv[0]; + if (pledge("stdio rpath wpath cpath fattr getpw unix flock id", + NULL) == -1) { + log_it(RealUser, getpid(), "pledge", strerror(errno)); + exit(1); + } + setlocale(LC_ALL, ""); setvbuf(stderr, NULL, _IOLBF, 0); |