Both gcc & collect2 can pledge "stdio rpath wpath cpath proc exec".

(cc1 "toplev.c" uses brk/sbrk, so it is on hold to figure out the right
direction...)
ok semarie pascal

2 files changed, 10 insertions, 0 deletions

diff --git a/gnu/gcc/gcc/collect2.c b/gnu/gcc/gcc/collect2.c
index f507e25e47d..f621abf0681 100644
--- a/gnu/gcc/gcc/collect2.c
+++ b/gnu/gcc/gcc/collect2.c
@@ -797,6 +797,11 @@ main (int argc, char **argv)
 
   no_demangle = !! getenv ("COLLECT_NO_DEMANGLE");
 
+  if (pledge ("stdio rpath wpath cpath proc exec", NULL) == -1) {
+      error ("cannot pledge");
+      collect_exit (1);
+  }
+
   /* Suppress demangling by the real linker, which may be broken.  */
   putenv (xstrdup ("COLLECT_NO_DEMANGLE="));
 
diff --git a/gnu/gcc/gcc/gcc.c b/gnu/gcc/gcc/gcc.c
index c466fee4689..c59eef8df78 100644
--- a/gnu/gcc/gcc/gcc.c
+++ b/gnu/gcc/gcc/gcc.c
@@ -6094,6 +6094,11 @@ main (int argc, char **argv)
 
   xmalloc_set_program_name (programname);
 
+  if (pledge ("stdio rpath wpath cpath proc exec", NULL) == -1) {
+    error ("pledge", xstrerror (errno));
+    exit (1);
+  }
+
   expandargv (&argc, &argv);
 
   prune_options (&argc, &argv);