diff options
| author |   deraadt <deraadt@openbsd.org> | 2015-10-10 21:19:14 +0000 |
|---|---|---|
| committer | deraadt <deraadt@openbsd.org> | 2015-10-10 21:19:14 +0000 |
| commit | b90dc8b600f020ff071de26feee175b87b5faf36 (patch) | |
| tree | 43c783b114a025395197b20af312bb0b205a5aa2 | |
| parent | Kill pledges to only use "stdio proc". (diff) | |
| download | wireguard-openbsd-b90dc8b600f020ff071de26feee175b87b5faf36.tar.xz wireguard-openbsd-b90dc8b600f020ff071de26feee175b87b5faf36.zip | |
env(1) is obviously a program falling into pledge "stdio exec". It
does stdio, and it does a raw execve(). It is so obvious. It gets
only _exit(2), kbind(2), and 46 system calls -- over half of which
are deeply gutted in their functionality to only serve narrow libc
needs for "stdio (includes malloc)". the other 161 system calls kill it.
| -rw-r--r-- | usr.bin/env/env.c | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/usr.bin/env/env.c b/usr.bin/env/env.c index 5596e6fc2f2..87e9a0b8e4b 100644 --- a/usr.bin/env/env.c +++ b/usr.bin/env/env.c @@ -1,4 +1,4 @@ -/* $OpenBSD: env.c,v 1.15 2014/03/08 00:09:20 schwarze Exp $ */ +/* $OpenBSD: env.c,v 1.16 2015/10/10 21:19:14 deraadt Exp $ */ /* * Copyright (c) 1988, 1993, 1994 @@ -49,6 +49,9 @@ main(int argc, char *argv[]) setlocale(LC_ALL, ""); + if (pledge("stdio exec", NULL) == -1) + err(1, "pledge"); + while ((ch = getopt(argc, argv, "i-")) != -1) switch(ch) { case '-': /* obsolete */ |